|
You are here |
blog.andlabs.org | ||
| | | | |
feross.org
|
|
| | | | | Feross Aboukhadijeh is a computer security researcher, teacher, web developer, designer, long distance runner, gamer, music lover, and builder of websites that (sometimes) go viral. | |
| | | | |
textslashplain.com
|
|
| | | | | One attack technique I've seen in use recently involves enticing the victim to enter their password into a locally-downloaded HTML file. The attack begins by the victim receiving an email lure with a HTML file attachment (for me, often with the .shtml file extension): When the user opens the file, a HTML-based credential prompt is... | |
| | | | |
educatedguesswork.org
|
|
| | | | | [AI summary] This article discusses password security challenges on websites, focusing on vulnerabilities like remote attacks, password reuse, phishing, and the importance of secure password storage and authentication methods. | |
| | | | |
www.sjoerdlangkemper.nl
|
|
| | | To securely store passwords they should be hashed with a slow hashing function, such as PBKDF2. PBKDF2 is slow because it calls a fast hash function many times. This blog post explores some properties that the iterations must have to be secure. | ||