-
http://security.stackexchange.com/questions/3272/password-hashing-add-salt-pepper-or-is-salt-enough
Test the impact on hashing performance.
-
Hi,
Please could someone help me with what the Docker compose needs to be for a local/lan only (no ngix) set up?
I’ve tried what i can, and have got the following, so far, which is not quite wor…
-
# CoinMode Security Bounty Program
### Status: **ACTIVE!**
CoinMode looks forward to working with the security community to find security vulnerabilities in order to keep our businesses and user…
-
Hello lei,
👍 Nice work! In order to learn web security, we have to learn the basics of web development. Because web development isn't the goal of this course, everyone will receive the same UI sco…
-
### Steps to reproduce the bug
```bash
1. Signin as (project) admin
2. Go to a project you're admin for and select Download Project Task
3. Click on Generate for Export SQL
4. Run the background j…
-
The timing attack algorithm should be able to discover a valid, hard-coded, API key with zero knowledge.
Some ideas:
- [ ] Brute force the last N chars
- [ ] In systems with many valid API keys it mi…
-
The protocol currently has several security weaknesses that should be addressed:
- [x] 1. The initial handshake is neither encrypted, nor authenticated
- [ ] 2. Message headers are not encrypted
…
-
Hi,
Does the RPC interface (I use it with '--rpc-secret=(...)' option) have any built-in protection mechanism against brute-force attacks?
I didn't find any detailed information about it (I also…
-
Combined from #234, #227
1. Adding characters to a strong password should not reduce its strength.
Ex. Make a strong password, add some characters/digits of the same kind (AAAAAA) > password stre…
-
Hello Yuchen,
👍 Nice work! In order to learn web security, we have to learn the basics of web development. Because web development isn't the goal of this course, everyone will receive the same UI …