uncleflo
Registered since September 28th, 2017
Has a total of 4281 bookmarks.
Showing top Tags within 13 bookmarks
howto information development guide reference administration design website software solution online service product business uk tool company linux code server application system web list video marine create data experience tutorial description explanation learn technology build article blog world project boat download windows lookup security free performance javascript technical london beautiful control network tools support course file research purchase image library programming youtube example php construction install opensource community html quality computer feature profile power browser music platform process mobile work user share manage professional database hardware buy industry advice internet dance developer installation search 3d camera customer access travel material standard money test develop documentation review css engineering photography webdesign engine device digital speed event api source management question program client phone discussion content simple story water marketing yacht app account setup interface package idea fast communication compare cheap script market study easy live google resource operation demonstration contact startup
Tag selected: hash.
Looking up hash tag. Showing 13 results. Clear
Securely Hash Passwords with PHP
Saved by uncleflo on December 27th, 2017.
PHP 5.5+ now comes baked with a password_hash function to generate secure, one-way hashes along with a password_verify function to match a hash with the given password—If you’re a PHP developer, you should always be securely storing user passwords, no excuses. Developers have a huge responsibility when handling and storing user-sensitive information, such as a password. We should take extra precaution and the necessary steps to make sure the user’s data is safe and secure*. *Please keep in mind the following implementation is only part of the problem since it handles the data once the web server receives it; however, it does not address the other issue of securely sending the sensitive data over-the-air from the browser to the server, which is why a valid SSL certificate is necessary.
design development tutorial review journal handle store server security hash function password PHP precaution implement browser ssl php howto technical guide description understand
Password security in modern PHP
Saved by uncleflo on December 27th, 2017.
Discover how PHP 5.5 enables more-secure password handling. PHP, from the beginning, was a programming language made for building websites. That idea is in PHP's core far deeper than in any other programming language — perhaps one reason why PHP became and remains so popular for building web applications. But when PHP was first crafted in the mid-1990s, the term web application didn't even exist yet. Password protection, then, wasn't one of the features that the PHP creators devoted resources to. After all, you didn't need to worry about passwords when you used PHP just to put a site-visit counter or a date-modified stamp on your web page. But 20 years have passed, and now it's almost unthinkable to create a web application that doesn't involve password-protected user accounts. It's of the utmost importance that PHP programmers safeguard account passwords by using the latest and most secure methods. To that end, PHP 5.5 added a new password-hashing library created by Anthony Ferrara (@ircmaxell). The library makes several functions available that you can use to handle one-way password encryption with current best-practice methods. Other features anticipate future security needs so that as computers and hackers get more advanced, you can stay a step ahead of the bad guys. This article gives you an in-depth introduction to the library's functions and how to make the best use of them.
password security development php secure discover learn howto webpage modify feature resource language popular build encryption hash need best practice important complex difficulty sha md5 crypto salt generate algorithm software solution guide technical ibm library
NaCl: Networking and Cryptography library
Saved by uncleflo on July 10th, 2017.
NaCl (pronounced "salt") is a new easy-to-use high-speed software library for network communication, encryption, decryption, signatures, etc. NaCl's goal is to provide all of the core operations needed to build higher-level cryptographic tools.
Of course, other libraries already exist for these core operations. NaCl advances the state of the art by improving security, by improving usability, and by improving speed. The following report contrasts NaCl with other libraries from a security perspective: (PDF) Daniel J. Bernstein, Tanja Lange, Peter Schwabe, "The security impact of a new cryptographic library". Pages 159–176 in Proceedings of LatinCrypt 2012, edited by Alejandro Hevia and Gregory Neven, Lecture Notes in Computer Science 7533, Springer, 2012. ISBN 978-3-642-33480-1. The following report was created for Research Plaza and gives an introduction to NaCl for a wider audience: (PDF)
cryptography library speed performance security hash communication stream compare software solution product research opensource public salt operation core signature advance audience
The security impact of a new cryptographic library - Daniel J. Bernstein, Tanja Lange, and Peter Schwabe
Saved by uncleflo on July 10th, 2017.
This paper introduces a new cryptographic library, NaCl, and explains how the design and implementation of the library avoid various types of cryptographic disasters suffered by previous cryptographic libraries such as OpenSSL. Specifically, this paper analyzes the security impact of the following NaCl features: no data flow from secrets to load addresses; no data flow from secrets to branch conditions; no padding oracles; centralizing randomness; avoiding unnecessary randomness; extremely high speed; and cryptographic primitives chosen conservatively in light of the cryptanalytic literature.
confidentiality integrity speed simplicity security simple integral performance confidential secure library hash salt implement paper academic review analysis feature explanation read article
php-encryption - Simple Encryption in PHP.
Saved by uncleflo on July 10th, 2017.
This is a library for encrypting data with a key or password in PHP. It requires PHP 5.4 or newer. The current version is v2.0.0, which is expected to remain stable and supported by its authors with security and bugfixes until at least January 1st, 2019. The library is a joint effort between Taylor Hornby and Scott Arciszewski as well as numerous open-source contributors. What separates this library from other PHP encryption libraries is, firstly, that it is secure. The authors used to encounter insecure PHP encryption code on a daily basis, so they created this library to bring more security to the ecosystem. Secondly, this library is "difficult to misuse." Like libsodium, its API is designed to be easy to use in a secure way and hard to use in an insecure way.
php sodium encryption salt hash opensource library secure security installation portable data development administration api system
The Sodium crypto library (libsodium)
Saved by uncleflo on July 10th, 2017.
Sodium is a modern, easy-to-use software library for encryption, decryption, signatures, password hashing and more. It is a portable, cross-compilable, installable, packageable fork of NaCl, with a compatible API, and an extended API to improve usability even further. Its goal is to provide all of the core operations needed to build higher-level cryptographic tools. Sodium supports a variety of compilers and operating systems, including Windows (with MinGW or Visual Studio, x86 and x86_64), iOS and Android. The design choices emphasize security, and "magic constants" have clear rationales. And despite the emphasis on high security, primitives are faster across-the-board than most implementations of the NIST standards.
encryption decryption software sodium natrium modern easy hash password protection extend package system windows core operation usability php development administration security code library implement perl installation documentation instructions
Secure hash and salt for PHP passwords
Saved by uncleflo on October 17th, 2016.
It is currently said that MD5 is partially unsafe. Taking this into consideration, I'd like to know which mechanism to use for password protection. This question, Is “double hashing” a password less secure than just hashing it once? suggests that hashing multiple times may be a good idea, whereas How to implement password protection for individual files? suggests using salt.I'm using PHP. I want a safe and fast password encryption system. Hashing a password a million times may be safer, but also slower. How to achieve a good balance between speed and safety? Also, I'd prefer the result to have a constant number of characters.
security password hash salt stackoverflow information developer development howto advice guide implementation mechanism idea protection website consider hashing entropy strength alternative snippet
Update: New 25 GPU Monster Devours Passwords In Seconds
Saved by uncleflo on October 17th, 2016.
There needs to be some kind of Moore’s law analog to capture the tremendous advances in the speed of password cracking operations. Just within the last five years, there’s been an explosion in innovation in this ancient art, as researchers have realized that they can harness specialized silicon and cloud based computing pools to quickly and efficiently break passwords.
security bruteforce password crack description hash researcher speed research vlsi silicon chip hardware combination gpu administration
A Simple Introduction to URL Routing | SoftFinity -
Saved by uncleflo on February 22nd, 2015.
URL Routing means that you when click on a link, instead of being routed to another page, you stay on the same page and the content changes. When this happens, usually a “hash” will be appended to your current URL so that the user can go directly to the content they need as well as using back and foward buttons in the browser. URL routing is a foundation of almost any single page web application. Sammy.js is a very simple library for doing just that, and I will provide a simple example of how to use it at the end of this article.
router browser route url link content change javascript hash application single simple howto works article introduction engine advantage model
MD5 Hash for "yahoo" and its variants. Reverse look-up.
Saved by uncleflo on January 24th, 2011.
wordd.org offers the ability to find out reverse look-up salt-less md5 hashed words such as "yahoo" and a set of common variants. This is not intended as a tool to hack passwords, but to recover them from databases such as wordpress that store unsalted hashes. Got salt? Salting means prepending or appending a letter or word to a your object prior to hashing it. In theory this makes sites like this one useless, as common hashes cannout be anticipated. It is recommended that everyone salts passwords before hashing. This prevents brute-force cracking to say the least.
No further bookmarks found.