Collaborate Disseminate
PINs secured by TPM or similar hardware are secure even if short and only numeric because the TPM can throttle and lock after several attempts. I’m concerned about PIN reuse. I suspect most people are using the same PIN everywhere.
Should … Continue reading Autogenerated PINs
A burglar took my phone so I reported it to the police and phone company to blacklist it. They only asked for the first IMEI even though the phone has two IMEI since it can accomodate two SIMs. The IMEIs are consecutive when stripping the … Continue reading Reporting dual sim phone stolen [closed]
Comes from Bitlocker, does additional authentication at startup with TPM device provide any extra security?
You can sniff the key right from the bus currently:
As the decryption happens automatically, if we can sniff the VMK as
its being … Continue reading Why does Windows not enable TPM 2.0 parameter encryption to protect against bus sniffing of Bitlocker key?
I don’t like my server having access to plaintext passwords. Instead of SRP, OPAQUE or another PAKE that needs several rounds, I was thinking I could take the username, server url and password, run a hardened hash like scrypt and generate … Continue reading Replace hashed password by public key generated from password