n-l-i – WindowsTechs.com

Benefits of random responses to exceptions over generic error responses

Posted on April 1, 2024 by n-l-i

Attackers can send requests with data that the server does not expect in order to try to get responses that reveal secret data. One common example is when the server experiences an exception. A poorly configured server might include a deta… Continue reading Benefits of random responses to exceptions over generic error responses→

How could one use multi-factor authentication to derive a static secret key?

Posted on March 30, 2023 by n-l-i

Scenario:
The setup is that each user has a randomly generated key A used for encrypting data stored on the server and a password-derived key B used to store A on the server without the server getting access to A. So the server stores the … Continue reading How could one use multi-factor authentication to derive a static secret key?→