Collaborate Disseminate
I recently ran an account security check through my bank’s web site, and my bank "reassured" me that I have a strong password.
Should I be concerned that they know that? I had assumed that they only stored a (hopefully salted) ha… Continue reading Should I be concerned that my bank told me that I have a strong password? [duplicate]
For Enterprise, how to know if Edge Password AutoSave is less secure than copy/paste to a desktop password manager which is open source?
IMHO Edge should be more secure because:
copy/paste has security drawbacks
Edge (Enterprise grade) up… Continue reading Is Edge (Enterprise) Password feature less secure than open source local password manager? [closed]
When I came to the topic of Ansible (Vault), when deploying secrets in Ansible and other passwords up to 128 characters Shamir’s Secret Sharing would be an ideal solution I think:
The secret is never in one spot
The secret can be encrypte… Continue reading Why don’t basically all "clusters" and similar distributed systems use Shamir’s secret sharing method? [migrated]
For a web service, I am considering generating random 25-49 recovery codes as a kind of pass that can be stored in a pass manager (no usernames).
Instead of pass(word) hashing on the server, I consider hashing the pass on the client with p… Continue reading Is pass -> [via pbkdf2] -> seed -> ECDSA key pair better than pass(word) hashing?
I found a file named passwords.passsafe in an old backup of mine, with a timestamp from July 2000. I’m not 100% sure I remember the password. I have unsuccessfully tried to decrypt it using Password Safe (v1.12 by Rony Shapiro, installed f… Continue reading What file format could this password safe file be in? [migrated]
Use this comprehensive list of strategies to help you safeguard your company’s data from threats and data breaches. Continue reading How to Protect and Secure Your Data in 10 Ways
First of all, I know that passwords generally do not have to be stored in a JWT or JWS since the token in itself can be used to authenticate. My circumstances are very specific though.
In my program, I need to startup a process as the user… Continue reading Is it bad practice to store passwords in a JWE? If so, why?
I recently changed my password for my local Windows 10 account and found out that my usernames/passwords in Brave’s password manager are no longer visible.
Unfortunately, I executed Brave after the password change and I’m told that this ch… Continue reading Recovering Lost Brave Browser Usernames and Passwords
Is it safe not to have a 2FA for a password manager itself?
It seems that using an app for TOTP authentication for a password manager could increase the security. But it turns out that in this case I should remember by heart the password f… Continue reading Security of password managers vs. risk of losing access
Okta’s formula for multi-device identity authentication for a hybrid workforce: extract passwords, add ease of passkeys across devices.
The post Okta moves passkeys to cloud, allowing multi-device authentication appeared first on TechRepublic.
Continue reading Okta moves passkeys to cloud, allowing multi-device authentication