fosstodon.org is one of the many independent Mastodon servers you can use to participate in the fediverse.
Fosstodon is an invite only Mastodon instance that is open to those who are interested in technology; particularly free & open source software. If you wish to join, contact us for an invite.

Administered by:

Server stats:

11K
active users

#passwordsecurity

0 posts0 participants0 posts today

What do existing applications do for upgrading password hashing strengths? I don't think I've seen any controls for overriding those things in the dashboards for anything I've used (except password managers). I'm thinking that the database migration script should update an entry with the OWASP guidelines as a default, allow the application admin the option to override it and auto-update user's hashed passwords on next successful login.
#PasswordSecurity #Security #OWASP

Still thinking about that one German comedy series on #PrimeVideo where a guy has to figure out a 4 digit code to open a lock. It was exactly my PIN that Amazon wants me to enter for R-rated movies.

And I‘m honestly unsure if that was a huge coincidence or if Amazon secretly adapted the steam to every person individually. The digits were spoken from an offscreen actor so it would have been possible with just audio trickery.