Collaborate Disseminate
Referencing this document, they give justifications for a number of their recommendations, but not any behind only going with 1 degree of parallelism for using Argon2id. Is there a reason why this is recommended that is unmentioned there?
… Continue reading Why does OWASP recommend only 1 degree of parallelism for Argon2id
Hypothetically, would it be safe to encrypt company text only files with the less secure MD5 hash, if the files are all stored locally on local servers with their own security measures?
Continue reading Is it safe to encrypt company text files with MD5 hash?
How could one verify the integrity of all binaries of packages installed manually via installers and dpkg on Debian/Linux?
So far the only thing I could think of is this:
verify that which veracrypt returns /usr/bin/veracrypt
So I was reading through an article about how passwords are salted and hashed through a cryptographic function here, and found out that hashed passwords, along with the plaintext salt values are stored in the database.
Now, I was wondering… Continue reading Question about storing salt values and hashed passwords in the database [duplicate]
I generate a random string of 32 characters and then compute the SHA-512 hash then I encrypt the unhashed string. I then save the encrypted text and hash to the database. Is it okay to store the hash of the original text? Will it make the … Continue reading Storing the hash of the plaintext and the encrypted plaintext next to each other [closed]
I generate a random string of 32 characters and then compute the SHA-512 hash then I encrypt the unhashed string. I then save the encrypted text and hash to the database. Is it okay to store the hash of the original text? Will it make the … Continue reading Storing the hash of the plaintext and the encrypted plaintext next to each other [closed]
I want to test how secure our internal application is and I was wondering if it is possible to figure out the salt or something if I know the following info about a few accounts (basically the hash and the actual password for multiple user… Continue reading Figure out the Salt? [duplicate]
I generate a random string of 32 characters and then compute the SHA-512 hash then encrypt the unhashed string. I then save the encrypted text and hash to the database. Is it okay to store the hash of the original text? Will it make the en… Continue reading Storing the hash of the plaintext and the encrypted plaintext next to each other [closed]
I just saw this article and many like them before where they use a video of some random movement and a hashing function to make a cryptographic random number generator
but I’m always curious why this is as "unpredictable" as they… Continue reading Random based on video input, why isn’t there some predictability [migrated]
Context:
When the Twitch whole code repository was leaked, it created multiple discussions on social medias.
And one day I was on Reddit and said that the leak of the hashing algorithm and the salt would possibly put ALL of the website acc… Continue reading How bad would a Hash algorithm leak would be?