UUID – Page 3 – WindowsTechs.com

UUID as auth token

Posted on October 24, 2019 by Schwefelhexa

I am working on a small IOT device that basically is a status display, which includes data about my phone. That means that I have a simple web server running, which can be used to update the devices display using POST request… Continue reading UUID as auth token→

Are GUIDs safe for long lived access tokens?

Posted on October 11, 2019 by gordon

There is a peice of software i am using at work that has several components to it, lets call them the server and agents.

the server runs an api over https that the agents use to communicate with it.

the server can be cloud … Continue reading Are GUIDs safe for long lived access tokens?→

Passing user ID as parameter without any authentication, what are the security risks?

Posted on July 31, 2019 by catandmouse

I’ve read that passing GUID as URL parameter isn’t considered insecure because usually, an app has an authentication mechanism (checking against some session token).

However, how secure would an application be if the user’s … Continue reading Passing user ID as parameter without any authentication, what are the security risks?→

Identifying devices in mobile app using UUID

Posted on May 25, 2019 by blejzz

I have a mobile application, for Android and iOS (both native), that communicates with the backend through a REST API (over HTTPS).

The application allows users to sign in or use the app as a guest, but in both cases I need… Continue reading Identifying devices in mobile app using UUID→

COM Classes CLSID

Posted on May 19, 2019 by user42080

Would malware ever create a CLSID or would they just use them? This question is derived from studying COM objects. So an Adobe exploit would have an Adobe CLSID in it. Does malware ever create a CLSID to function or integrate… Continue reading COM Classes CLSID→

Purpose of using GUID for files along with underlying permissions checks

Posted on March 13, 2019 by sam

Some sites utilize a GUID for a file name when it goes in storage. For example, when you load up a receipt, instead of having the receipt named something like 1200 (an incremental number), it will have a GUID instead. What is… Continue reading Purpose of using GUID for files along with underlying permissions checks→

How to solve the problem of secure randomly generated GUIDs when the size of the data outgrows the GUIDs

Posted on February 17, 2019 by Lance Pollard

I’ve been struggling with this problem for a little while… How to hide the order that records were created in, basically. You typically do this by generating a “GUID”. But this GUID is arbitrarily chosen to be a very large … Continue reading How to solve the problem of secure randomly generated GUIDs when the size of the data outgrows the GUIDs→

Using a GUID as an authentication token (and how it could be improved)

Posted on February 7, 2019 by Alessandro

I’m implementing a Whatsapp Web-like feature for my Android application. User should be able to open an HTTPS web application that displays a QR code (a GUID generated by the server) and scan it using her device sending it ba… Continue reading Using a GUID as an authentication token (and how it could be improved)→

Mobile application authentication using UUID

Posted on September 18, 2018 by Guest

I write back-end code for mobile applications. I am needing to write the code for authentication and the simplest yet secure solution I can think of is:

When user signs in, device sends username and password to server
If cr… Continue reading Mobile application authentication using UUID→

Using the user’s GUID-id as a salt for Rfc2898DeriveBytes

Posted on May 19, 2018 by HCL

I use the Rfc2898DeriveBytes for creating an AES key for protecting the user’s data.
For the salt value I would like to use the user’s id, which is a guid.

My understanding is, that the only drawback of using the user’s id w… Continue reading Using the user’s GUID-id as a salt for Rfc2898DeriveBytes→