|
You are here |
mathiasbynens.be | ||
| | | | |
dusted.codes
|
|
| | | | | SHA-256 is not a secure password hashing algorithm | |
| | | | |
prezu.ca
|
|
| | | | | When youre accessing services over the WEB lets pick GMail as an example couple of things have to happen upfront: The server youre connecting to (GMail in our example) has to get to know who you are. Only after getting to know who you are its able to decide what resources you are allowed to access (e.g. your own email inbox, your Calendar, Drive etc.). Step 1 above is called authentication. | |
| | | | |
www.sjoerdlangkemper.nl
|
|
| | | | | ASVS states that passwords should be at most 128 characters. This originates from the idea that longer passwords take longer to hash, which can lead to a denial of service when an attacker performs login attempts with very long passwords. However, this is not generally true. With a proper hash function, longer passwords do not take a significantly longer time to hash. | |
| | | | |
github.com
|
|
| | | Contribute to cfallin/weval development by creating an account on GitHub. | ||