Is the idea of Single Sign-On (SSO) a flawed concept without Two-Factor Authentication (2FA)?

Before this gets flagged as a duplicate, I’m not asking a question about the disadvantages of single sign-on, I’m asking if the initial concept is flawed to begin with without enforcing two-factor authentication.
Let me explain what I mean…

What makes storing secrets in Hashicorp Vault different to using a two-way hash in Java? [on hold]

In Java I can create a two-way hash function – if I implemented it with MD5 I could write the methods toMD5Hash() and fromMD5Hash() for a reversible process.

Further than that I could use TripleDes with key-based encryption in J…

Is there value to signing microservice calls with an HMAC derived from the same private key?

I had a friend say:

We’re securing our microservice with an HMAC derived from the private key in the jks file. [Where client and server shared the same private key]

I can understand the situation where you have an HMAC …

Why is Norton Safe Web flagging my site as dangerous when it reports on PHP files/urls that don’t exist?

I’m in a bit of a quandary over Norton Safe Web’s rating of my company’s website.

My question is: is it possible for someone to fool Norton Safe Web into thinking that our website has PHP files which don’t exist? Could there be some sort …