The anarchic Internet group called Anonymous recently hacked HBGary Federal and rootkit.com, an online forum dedicated to analyzing and developing rootkit technologies. All user passwords at rootkit.com have been compromised. Given this compromise, I'd like to point out one of my favorite topics in application security — password hashing. It's all too common that Web (and other) applications use M