

You are here

neilmadden.blog
pboyd.io
2.8 parsecs away

Here's a fun list to look through: Dumb Password Rules. Most of the rules seem arbitrary, like only allowing digits, but some hint at deeper problems. For instance, preventing single-quotes. They aren't inserting passwords into a database without a SQL placeholder, right? Nearly every site on that list has a needlessly short maximum password size. If they're storing passwords correctly, there's no need for this. This post will go through a few bad ways to store a password and you can see what I mean....
www.latacora.com
2.7 parsecs away

When people talk about PBKDFs (Password Based Key Derivation Functions), this is usually either in the context of secure password storage, or in the context of how to derive cryptographic keys from potentially low-entropy passwords. The Password Hashing Competition (PHC, 2013-2015) was an open competition to derive new password hashing algorithms, resulting in Argon2 hash as its winner. Apart from achieving general hash security, many of the candidates focused on achieving resistance to parallel attacks ...
educatedguesswork.org
2.4 parsecs away

[AI summary] This article discusses password security challenges on websites, focusing on vulnerabilities like remote attacks, password reuse, phishing, and the importance of secure password storage and authentication methods.
blog.torproject.org
22.7 parsecs away

Tor is upgrading its relay encryption algorithm for improved security. In upcoming releases, Arti and Tor will both support a new encryption algorithm called Counter Galois Onion (CGO). CGO prevents attackers from tampering with encrypted traffic, adds forward secrecy, and brings Tor's encryption up to modern standards.