Collaborate Disseminate
I am currently using 9 digit numbers to authenticate writers on two apps. In the first app, this unlocks editing tools for use in making content rich dhtml documents which are stored on the local machine by default. With the … Continue reading Is using weak login credentials always bad?
If a site has experienced a breach such that usernames and passwords have been leaked, should passwords be changed if 2FA or MFA is enabled?
Before this question is potentially marked as duplicate, the question “Will 2FA pr… Continue reading Should breached passwords be changed if 2FA or MFA is enabled across all sites/systems?
I’m playing around with Kali and am looking to crack my WPA2 default password.
I started generating 10 character passwords with a charset of solely digits and upper alpha lastnight and after 10 mins, I had a 40gb text file a… Continue reading Generating passwords with rule: the contents within a 10 characters string must maintain a certain ratio of numbers and letters in no particular order
We are in a mid-sized enterprise environment and are looking at forcing specific passwords for all users. I’ve found nothing recent or relevant about this.
Justification:
The main reason is to ensure that personal passwor… Continue reading Setting passwords for domain users, not expiring them, and not allowing them to be changed by users
I have been seeing a shift in password policy, this has been going on for a while (Article from 2017) but I have only just picked up on this. In my organization we expire the user passwords every 90 days. When they set up the… Continue reading Does password expiry provide any benefit at all (when using randomly generated passwords)?
This question already has an answer here:
Is it unsafe to show message that username/account does not exist at login? [duplicate]
7 answers
I have just started to explore HIBP to check whether we can use HIBP in our public facing interfaces.
AS per my read I have 3 options to check out.
Download the password dictionary and implement my own breached password ch… Continue reading Is haveibeenpwned (HIBP) free and reliable?
Some system, when you change your password, they don’t let you re-use previous passwords. For example, you use password 1, then change it to password 2, and then when you try to go back to password 1, it blocks you.
Consider this scenario.
A small company with several small teams (2-3 members). Each team manages their own passwords for their systems. Now, in the case when the whole team perishes in an accident, what’s the policy or best… Continue reading Best practices for sharing or managing passwords between teams
Im trying to create a secure portal for parents to view their sons or daughters information.
I would need to have a register page. Im having trouble with hashing and salting the password.
Then I need help with decoding the … Continue reading Secure Register – Login Portal