Collaborate Disseminate
I am aware of at least one solution for this, but times change and standards change, and I’m not an expert in this field.
So for the average person looking to create secure hashes for passwords and other uses, what is a good tool for that?… Continue reading What’s a good password hashing tool for the general public? [closed]
Do you have to make a key hash with securely-optimum setting (eg. 100MB memlimit, 3 opslimit) for encryption ?
So I’m making a text encryption function with javascript, using XChaCha20-Poly1305 and Argon2id. It’s already working. The way i… Continue reading Key Hash With Securely-Optimal Setting : For Encryption vs For Password
I have been trying to do it with john the ripper as the following:
john –FORMAT=NT –wordlist=~/usr/share/wordlists/rockyou.txt hash.txt
the hash I am trying to crack is:
Computer:1001:aad3b435b51404eeaad3b435b51404ee:b5f121d454eb1a541ac… Continue reading John not cracking an NTLM hash
I got several unauthorized sign in attempts to my microsoft account. (All from the United States, no more detailed information was ever made available that I know of.) I was able to interrupt these via two factor authorization. Two days ag… Continue reading Changed my microsoft password, STILL getting unauthorized sign in attempts
Gandalf is an interactive LLM game where the goal is to get the chatbot to reveal its password. There are eight levels of difficulty, as the chatbot gets increasingly restrictive instructions as to how it will answer. It’s a great teaching tool.
… Continue reading Practice Your Security Prompting Skills
If you could dump the flash from your smart toothbrush and reverse engineer it, enabling you to play whatever you wanted on the vibrating motor, what would you do? Of …read more Continue reading Sniffing Passwords, Rickrolling Toothbrushes
I’m working on a new web app, and I chose Bcrypt to hash the passwords. To overcome the 72 byte limit on Bcrypt, I’m planning to pre-hash the passwords with SHA-256. However I researched a little and found out this isn’t recommended becaus… Continue reading Can I protect against password shucking just by salting the pre-hash?
The usage of platforms like Cash App, Zelle, and Venmo for peer-to-peer payments has experienced a significant surge, with scams increasing by over 58%. Additionally, there has been a corresponding rise of 44% in scams stemming from the theft of person… Continue reading Scammers using AI voice technology to commit crimes
I know that when you attempt to log in to a device via SSH, upon inputting an incorrect password, you must wait several seconds before you get another attempt. This is obviously a deterrent against brute force attacks. But what’s stopping … Continue reading What’s stopping attackers from brute forcing SSH passwords over new sessions?
An number of years ago, the libxcrypt project has decided to change the crypt interface such that instead of returning a null pointer on failure, it returns a valid string starting with *, such as *0. They call this a "failure token&q… Continue reading libxcrypt "failure token" *0