Collaborate Disseminate
As per Bitwarden’s FAQ
If you don’t have your Recovery Code saved somewhere outside of your Vault, there is unfortunately no way for the team to recover the account or data therein. You’ll need to delete your account and start a new one.
… Continue reading How can losing 2FA render encrypted data inaccessible?
While using a password+ manager is a know must for sensible security, one nuisance (from an UX point of view) I encounter is that there are different password "tiers". Pretty obviously my e.g. file encryption and online banking a… Continue reading How to best separate password "tiers" or not at all?
Despite best efforts it is pretty clear that most users reuse their credentials, especially for what they consider non-critical sites such as forums. While TFA does mitigate the potential damage of this a bit (aside from its other benefits… Continue reading Does a password-derived public key authentication improve security over pure password-based authentication?
This question already has an answer here:
Do salts have to be random, or just unique and unknown?
6 answers
Just out of c… Continue reading Is a combination of user login and site domain a sensible salt? [duplicate]
While it is theoretically possible to thoroughly examine the source code of Open Source Software to check for backdoors (neglecting a Ken Thompson hack), and given sufficiently adequate knowledge in Electrical Engineering one… Continue reading How to trust ICs?
There’s the recent article NSA seeks to build quantum computer that could crack most types of encryption. Now I’m not surprised by the NSA trying anything1, but what slightly baffles me is the word “most” – so, what encryptio… Continue reading What kinds of encryption are _not_ breakable via Quantum Computers?
gpg2 generates keys with one or several of the (S)igning, (E)ncryption, (C)ertification usages set. However, e.g. Enigmail creates a primary key also set for (A)uthentication, which GnuPG then shows. How can this be set/modif… Continue reading How to change (sub)key usage of a PGP key?
Since most key types can be used for multiple purposes, namely certification, authentication, encryption and signatures, one could simply use one key for everything – which is a bad idea, as elaborated e.g. by Thomas Pornin. … Continue reading What is a good general purpose GnuPG key setup?
I do not mean simply putting the public RSA key of a x.509 certificate into ~/.ssh/authorized_keys – I’m looking for a way to set up a ssh such that x.509 certificates signed by a pre-defined CA will automatically be granted access to the … Continue reading How to set up OpenSSH to use x509 PKI for authentication?
From my (still quite subjective) point of view, GnuPG/PGP is superior to SSL (or more specifically, PGP/MIME over S/MIME; maybe in other areas SSL is the better choice), e.g. due to the support of subkeys to separate signing and encryption… Continue reading Apart from the lack of native Outlook support, why should one prefer S/MIME over PGP/MIME for email?