Information Security Stack Exchange by Kiwix

Q&A for information security professionals

Most popular questions

1220 XKCD #936: Short complex password, or long dictionary passphrase? 2011-08-10T21:38:03.210

1192 How does SSL/TLS work? 2012-09-28T07:51:55.707

862 How to securely hash passwords? 2010-11-12T12:36:34.773

825 What technical reasons are there to have low maximum password lengths? 2013-03-30T21:30:36.967

626 Do any security experts recommend bcrypt for password storage? 2010-09-16T00:05:56.970

579 How does changing your password every 90 days increase security? 2011-06-22T13:36:45.887

559 What's the difference between SSL, TLS, and HTTPS? 2011-07-10T16:40:01.383

550 How can I explain SQL injection without technical jargon? 2012-12-20T04:06:00.943

537 How to store salt? 2012-07-20T06:28:12.467

533 Why can I log in to my Facebook account with a misspelled email/password? 2019-08-06T21:26:02.770

530 Is my developer's home-brew password security right or wrong, and why? 2012-12-18T14:51:12.093

527 Police forcing me to install Jingwang spyware app, how to minimize impact? 2018-09-24T13:21:43.643

473 RSA vs. DSA for SSH authentication keys 2011-07-08T23:22:00.510

452 Are passwords stored in memory safe? 2013-01-14T19:30:00.520

435 Is it bad practice to use your real name online? 2013-12-06T11:36:25.940

399 How is it possible that people observing an HTTPS connection being established wouldn't know how to decrypt it? 2011-08-15T18:58:31.950

355 I found that the company I work for is putting a backdoor into mobile phones 2012-05-17T16:11:07.247

351 Is BASIC-Auth secure if done over HTTPS? 2010-12-05T22:42:45.140

327 What is certificate pinning? 2013-01-30T23:27:08.263

325 Why is 'Bearer' required before the token in 'Authorization' header in a HTTP request? 2015-12-21T07:20:47.527

305 Should I let my child's school have access to my kid's personal laptop? 2018-08-28T20:35:48.833

301 Is it normal for auditors to require all company passwords? 2017-10-25T17:20:55.147

300 SQL injection is 17 years old. Why is it still around? 2016-06-27T05:13:09.487

294 How can someone go off-web, and anonymise themselves after a life online? 2013-12-18T21:57:52.900

292 CRIME - How to beat the BEAST successor? 2012-09-08T19:39:32.443

291 What makes Docker more secure than VMs or bare metal? 2017-09-17T22:08:37.647

289 What's the rationale behind Ctrl-Alt-Del for login 2013-04-28T13:10:46.083

289 Why is Gbt3fC79ZmMEFUFJ a weak password? 2019-01-10T16:39:54.367

288 How does Google know where I am? 2016-09-21T14:58:50.517

287 How to find live hosts on my network? 2013-05-19T18:03:08.053

279 How did "tech-supportcenter" phishers trick Google? 2017-06-02T18:21:09.713

272 "Diffie-Hellman Key Exchange" in plain English 2013-11-24T01:10:08.450

260 Why shouldn't we roll our own? 2012-08-06T15:18:53.743

258 How to explain Heartbleed without technical terms? 2014-04-10T05:21:49.403

256 Consequences of the WPA2 KRACK attack 2017-10-16T09:32:34.993

251 How do certification authorities store their private root keys? 2012-12-03T14:12:39.953

251 Can ads on a page read my password? 2019-08-06T15:54:17.487

250 Why are salted hashes more secure for password storage? 2014-02-20T20:58:40.367

248 How is the "WannaCry" Malware spreading and how should users defend themselves from it? 2017-05-12T19:02:43.297

247 Is the save button delay in a Firefox download dialog a security feature? What does it protect? 2016-03-21T06:32:06.000

244 SSL3 "POODLE" Vulnerability 2014-10-14T23:50:28.497

242 Password Hashing: add salt + pepper or is salt enough? 2011-04-22T09:53:02.063

242 Passwords being sent in clear text due to users' mistake in typing it in the username field 2013-03-05T16:09:55.230

241 Why are hash functions one way? If I know the algorithm, why can't I calculate the input from it? 2012-02-14T11:09:49.977

237 Is single quote filtering nonsense? 2019-02-04T13:28:36.757

236 What is the difference between https://google.com and https://encrypted.google.com? 2013-03-10T15:03:15.303

235 My college is forcing me to install their SSL certificate. How to protect my privacy? 2015-11-04T13:57:57.233

235 All 0s (zeros) in a bank card's CVC code 2018-12-22T20:30:53.997

234 How does Google Authenticator work? 2013-05-01T15:24:27.927

232 Why did I have to wave my hand in front of my ID card? 2018-08-13T09:31:43.783

Tags

  All tags