Understand AES best practices, block padding, and modes
AES is the most widely used symmetric cipher—used in HTTPS/TLS, Wi‑Fi, full-disk encryption, and messaging. Understanding AES clarifies modern encryption.
Managing many site passwords is risky. FIDO (Fast IDentity Online) enables passwordless login using fingerprint or face scan.
I found a simple explanatory video: You're Storing Passwords Wrong. Here's The Fix - LearnThatStack, so I will record knowledge related to password storage.
Symmetric encryption uses the same key for encryption and decryption by both parties, posing risks such as key sharing and interception.
JWT stands for JSON Web Token, a standard based on RFC 751 that is used to transmit JSON objects between two entities.
Authentication and Authorization are two concepts in access control, representing the questions: Who are you? What are you allowed to do?
CORS (Cross-Origin Resource Sharing) is a mechanism that determines whether a web page can access resources from other origins.
Regardless, to prevent CSRF, one should never readily trust user requests. I've recently found my knowledge in this area lacking, so I'm catching up.
In short, to prevent XSS as far as possible, never readily trust user input. Recently, I found my knowledge in this area lacking.