Collaborate Disseminate
There’s someone requesting password change to my PSN account today! I got a email saying that:
Password Change Notification Click the button below to continue.
Change Password This link expires 24 hours from the time it was sent.
This lin… Continue reading Someone accessed my PSN account [closed]
I am creating a simplified lead and call management system for a friend’s small business.
I would like to know the best practices for hardening password storage and verification using PHP 7.4 and MySQL 7.4.30.
I would like something very s… Continue reading Best practices for storing passwords for PHP and MySQL applications [duplicate]
In OpenVPN GUI, I am getting the red message
WARNING: this configuration may cache passwords in memory — use the auth-nocache option to prevent this.
I do not want to always re-type my password again and again. Is there a way to suppres… Continue reading OpenVPN: how to suppress "WARNING: this configuration may cache passwords in memory — use the auth-nocache option to prevent this"
I am configuring an application server hosted on EC2 instance to send e-mail notifications.
This requires configuring SMTP settings and storing them, including password, in a config file:
gitlab_rails[‘smtp_address’] = "mail.example.c… Continue reading Storing password in config file – best practice
Thought experiment story of someone who lost everything in a house fire, and now can’t log into anything:
But to get into my cloud, I need my password and 2FA. And even if I could convince the cloud provider to bypass that and let me in, the backup is secured with a password which is stored in—you guessed it—my Password Manager.
I am in cyclic dependency hell. To get my passwords, I need my 2FA. To get my 2FA, I need my passwords.
It’s a one-in-a-million story, and one that’s hard to take into account in system design.
This is where we reach the limits of the “Code Is Law” movement…
Over the years I’ve noticed that more and more login pages implement an eye icon next to the password field, that on click toggles between hidden and plaintext view of the password typed in that field.
Why is this feature becoming more wid… Continue reading Displaying a user’s password in plaintext on login pages. Why is this practice becoming more widespread? [duplicate]
When I want to install Ultrasurf extension it gives me this message:
So I do not understand what this "Change your search setting to: smartwebfinder.com" wants to do.
When I go to this website : smartwebfinder.com it redirects m… Continue reading What will happen if I accept this "Change your search setting to: smartwebfinder.com"?
I’m doing a CTF on vulnhub and I need to brute force SSH. I’ve got 6 usernames and 15.000.000 passwords to try so I’m brute-forcing with hydra by running
hydra -L users.txt -P $LIST/rockyou.txt -t 64 -o hydra_bruteforce.txt ssh://grotesque… Continue reading Fastest way to brute force SSH
Data breaches now happen so often that we don’t even pause when reading yet another headline notifying us of the latest one. We react only if the breach happened to a service we use – and maybe not even then. But we should all be aware that once one of… Continue reading Review: Enzoic for Active Directory
(I’ve researched this beforehand but cannot find a similar enough question, hence this one).
I have a plugin for Visual Studio that crashes; the vendor has asked me to upload a minidump with heap of this crash but Visual Studio fails to wr… Continue reading Third party wants full core dump of crashing app – safe?