Collaborate Disseminate
One of the biggest security risks of modern-day business is the mass use of passwords as the prime authentication method for different applications. When the technology was first developed, passwords were perceived by individuals and businesses alike a… Continue reading The world’s worst kept secret and the truth behind passwordless technology
As far as I know, Windows computers are not encrypted by default in case you are not signed into a Microsoft Account. Considering the aforementioned fact I cannot understand the purpose of the login password, if a person can just get the S… Continue reading How does Windows password protect my data?
After a password leak, is there a Levenshtein distance from which one a newly derivated password can be considered safe?
I assume yes, given that if e.g. the word was "password", and the new one is "drowssap", the dista… Continue reading After a password leak, is there a Levenshtein distance from which one a newly derivated password can be considered safe?
I have a concern regarding how risky it is if someone knows or has the copy of my 2 IMEI numbers. As we all know, on Android phones, the IMEI are at the back cover of the phone like a sticker.
So, my question is, what if someone intentiona… Continue reading What is the impact of someone accidentally getting my IMEI number from my Android phone?
I recently learned (read) the math behind RSA encryption (algorithm). Now, I wonder if there is a way to use a custom password instead of the private key.
Imagine a web application, where user signs up with a username and password. If a we… Continue reading Password based RSA encryption
DocuSign requires that your password "must not contain the characters <, > or spaces."
Is this not an odd requirement? Despite being a leader in online document signing, my gut tells me there’s something odd under-the-hood…. Continue reading Why does DocuSign require that your password "must not contain the characters <, > or spaces."?
At work we are using a secure file transfer utility that, after setting it up, sends you and the participants you want to share those files with, two emails. One email contains the randomised username, another one the password. I understan… Continue reading If email is an insecure medium, why are usernames and passwords sent via email (albeit in separate ones)?
One the Hashicorp Vault basic feature is secret leasing. They state:
Leasing and Renewal: All secrets in Vault have a lease associated with them. At the end of the lease, Vault will automatically revoke that secret. Clients are able to re… Continue reading What are the advantages of password "leasing"
One the Hashicorp Vault basic feature is secret leasing. They state:
Leasing and Renewal: All secrets in Vault have a lease associated with them. At the end of the lease, Vault will automatically revoke that secret. Clients are able to re… Continue reading What are the advantages of password "leasing"
I am currently trying to solve the RazorBlack room on tryhackme. After enumerating the machine, I created a list of valid usernames and was also able to crack the password of one of the users. Now I want to check if one of the users is usi… Continue reading crackmapexec continue after finding first match