𝙰𝚗𝚝𝚑𝚘𝚗𝚢 ⚡

Find a job: talent.io/ref/hXijKZsQ Cashback: fr.igraal.com/?parrain=AG_5c…

How to store passwords safely in the database and how to validate a password? Let’s take a look. 𝐓𝐡𝐢𝐧𝐠𝐬 𝐍𝐎𝐓 𝐭𝐨 𝐝𝐨 🔹 Storing passwords in plain text is not a good idea because anyone with internal access can see them. 🔹 Storing password hashes directly is not sufficient because it is pruned to precomputation attacks, such as rainbow tables. 🔹 To mitigate precomputation attacks, we salt the passwords. 𝐖𝐡𝐚𝐭 𝐢𝐬 𝐬𝐚𝐥𝐭? According to OWASP guidelines, “a salt is a unique, randomly generated string that is added to each password as part of the hashing process”. 𝐇𝐨𝐰 𝐭𝐨 𝐬𝐭𝐨𝐫𝐞 𝐚 𝐩𝐚𝐬𝐬𝐰𝐨𝐫𝐝 𝐚𝐧𝐝 𝐬𝐚𝐥𝐭? 1️⃣ A salt is not meant to be secret and it can be stored in plain text in the database. It is used to ensure the hash result is unique to each password. 2️⃣ The password can be stored in the database using the following format: 𝘩𝘢𝘴𝘩( 𝘱𝘢𝘴𝘴𝘸𝘰𝘳𝘥 + 𝘴𝘢𝘭𝘵). 𝐇𝐨𝐰 𝐭𝐨 𝐯𝐚𝐥𝐢𝐝𝐚𝐭𝐞 𝐚 𝐩𝐚𝐬𝐬𝐰𝐨𝐫𝐝? To validate a password, it can go through the following process: 1️⃣ A client enters the password. 2️⃣ The system fetches the corresponding salt from the database. 3️⃣ The system appends the salt to the password and hashes it. Let’s call the hashed value H1. 4️⃣ The system compares H1 and H2, where H2 is the hash stored in the database. If they are the same, the password is valid. Over to you: what other mechanisms can we use to ensure password safety? – Subscribe to our weekly newsletter to get a Free System Design PDF (158 pages): bit.ly/3KCnWXq

Linux Grep Cheat Sheet #infosec #cybersecurity #cybersecuritytips #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips

Vous souvenez‑vous quand vous avez rejoint X ? Moi, oui ! #MonAnniversaireX

Your SQL query is slow and you need to create an index. But which one? An index on a single column is wrong 99% of the time... 👇 Learn with 5 tweets why you always need a multi-column index

🔥 Here are 4 more ways you can use JavaScript's new Promise.withResolvers() method. Use it today. It's in every browser and can be polyfilled in 9 lines.

Tip: @ChromeDevTools can now override the content of Fetch/XHR requests! Great for mocking APIs without waiting on backend changes! This and lots more in Chrome 117: bit.ly/wnd117

Vous souvenez-vous quand vous avez rejoint Twitter ? Moi, oui ! #MonAnniversaireTwitter

@melvynx @SaveToNotion #thread

Tu utilises seulement 3 % de la puissance de VSCode si tu n'utilises pas ces raccourcis ! Le genre de raccourcis qui me fait recevoir des commentaires du genre : "mais comment as-tu fait pour faire ça aussi vite ?" Ce genre de raccourcis est INDISPENSABLE ! En voici 7 👇

Very interesting article about #useMemo and #useCallback ! Take a look at "How to useMemo and useCallback: you can remove most of them" by @adevnadia developerway.com/posts/how-to-u… #react #webdeveloper

@AiExplorerFR @SaveToNotion #thread

Les IA changent notre façon de travailler.. Mais tout le monde reste sur ChatGPT.❌ Voici 9 IA que vous devez absolument connaître. Thread🧵

@melvynx @SaveToNotion #thread

La beauté des sites vient aussi de la finesse des icônes choisies... Voici 5 ressources d'icons que j'ai vu nulle part ailleurs 👇

@infomoneypro @SaveToNotion #thread

13 sites secrets alimentés par l'IA pour terminer des heures de travail en quelques secondes (ne les perdez pas) :

fr.igraal.com/app-share?pid=… #cashback #money #parrainage #inflation

My favorite JavaScript framework…

The Linux Booting Process Explained 🐧↓

Vous souvenez-vous quand vous avez rejoint Twitter ? Moi, oui ! #MonAnniversaireTwitter

I ❤️ git #awesomeTool #gitIsAwesome #thanks

Dear @getpostman, you save my day. With love. From Paris.

Every iPhone will search itself for whatever Apple wants, or for whatever Apple is directed to want. They are inventing a world in which every product you purchase owes its highest loyalty to someone other than its owner. edwardsnowden.substack.com/p/all-seeing-i