Collaborate Disseminate
I am a big fan of 1Password. And I try to save my passwords in 1Password as much as possible.
However, there are environments where 1Password cannot be used. That is the password to protect 1Password itself and the password for full disk e… Continue reading How do I remember passwords for environments where Password Manager is not available?
Lets say my password is AppleDogFire642!.
What would be the potential security consequences if my password hint was BananaCatSmoke123@?
Continue reading Is it safe for my password hint to be synonymous to my password?
I got to thinking this morning over my coffee, that it would be nice if I could encrypt data for a Tenant with one key, and decrypt it with another key. In such a way that only a logged in User can access data in his organization (Tenant)…. Continue reading Asymmetric encryption of user’s data
I use an old AirPort Extreme to provide WiFi in my home. It provides a 2.4 and 5.0 GHz network with a good password, only available to me and my wife. It also provides a separate guest network without password. The benefit is that visitors… Continue reading Wi-Fi with guest network
My company is using cPanel emails, recently while reviewing email forwarders, I noticed an email in the "Forward To" list that our sales email is being forwarded to it and that was unknow to me before, knowing that only me have a… Continue reading Can an email address be added to "Forward To" list in cPanel without accessing the cPanel?
Secret Double Octopus and Dimensional Research surveyed over 300 IT professionals with responsibility for workforce identities and their security at organizations with more than 1,000 employees, in order to learn more about the state of workforce passw… Continue reading The future of MFA is passwordless
Is it secure to expose a salted bcrypt hash (minimum 14 cost) if the used password is 72 characters (maximum) byte long, randomly generated letters, numbers, and special characters using secure generator?
Is it secure against offline brute… Continue reading Is it secure to expose a salted bcrypt hash IF it is maximum length random secure password?
During a CTF, I came across a certain hash type which can’t be identified by various tools (hashID, crackstation, hashes.com, etc.)
The data is as so:
– Plaintext : abc123
– Hash : 7inmu7WsEM3erPqQT23neSWBybGgry5QSq4yXdUS+rA=
– Salt : k5m… Continue reading Unknown Hash Type
words = [‘cyse’, ‘gmu’, ‘mason’, ’20’, ’21’, ’22’, ’23’, ’24’ ]
cases = []
for word in words:
pr = product(*zip(word, word.upper()))
cases += [set(map(”.join, pr))]
for perm in permutations(cases):
for prod in product(*per… Continue reading python script output is not generating the world list the right way
I tried to dump the Windows password hashes from the SAM file decrypted using the key contained in the SYSTEM file (both located under C:\Windows\System32\config) or obtained from the HKEY_LOCAL_MACHINE registry entry, using samdump2.
In b… Continue reading Modern Windows password hash location – ex SAM and SYSTEM files [duplicate]