Wow, first LinkedIn, and now Yahoo!.
Yahoo! News has reported that its own service has been hacked, resulting in 450,000 compromised passwords. The attack was an SQL Injection Attack, much like the same attack that compromised over 1 million Sony Pictures accounts.
LinkedIn, Yahoo!, Sony Pictures, and SO many more companies are suffering from security vulnerabilities. Are you concerned that your user databases might be at risk? Stormpath API can keep your user data safe from these problems, and protect your application with deep security features.
Stormpath is a cloud Identity Management API service developers use to manage and secure accounts across your applications, websites and mobile apps. As infrastructure for your applications, your end users never need to know Stormpath is in place, but they’re protected with rock solid security, and they’ll be happy you won’t be the next LinkedIn or Yahoo!
Stormpath is not susceptible to SQL Injection attacks: our infrastructure uses multiple redundant data stores, many of which don’t use SQL at all (called NoSQL data stores).
While we do use some SQL-based data stores, all of our interaction with them is performed using a technique known as Prepared Statements using parameterized queries. This ensures that we will not suffer from SQL Injection attacks at all.
This is only just the surface of protecting your users however. Stormpath goes through extreme lengths in all aspects of user security (military-grade encryption, uber-secure password hashing, pre-built user workflows, digest based authentication, etc.) to ensure your applications are protected at all times.
If you don’t want to be in the risky business of building, maintaining and managing user security, or you’d rather just not spend the time building this stuff yourself, signup for Stormpath for FREE today!