#password hashing | Explore Tumblr posts and blogs

sepherinaspoppies · 1 year ago

Text

Riding the Dragon

⋆. 𐙚 ˚ masterlist ✧₊⁺AO3 ⋆౨ৎ˚⟡˖ ࣪ taglist

⟢summary: after a great dinner with Aemond, he decides to give you a ride on his motorcycle, a Dragon T6.

⟢pairing: Modern! Aemond Targaryen x Reader

⟢warnings: 18+, MDNI, public smut, pussy on bike, cum play?, reader getting off on Aemond's bike, some tiddy succin, mentions of p in v sex, I think that it?

⟢wc: 3,064

⟢notes: this is my first time writing in reader's pov? the whole 'you' kind of perspective. I apologize if it sucks ass, I wanted to try something different. And can y'all believe I wrote majority of this when I was ovulating? HAHA

“I had a really nice time tonight.” The man in front of you says with a content and flirtatious smile on his pretty chiseled face.

Heat coats through your cheeks to the tip of your ears. Definitely not the effect of the two glasses of wine you’d drunk not too long ago. Wine hardly ever did a number on you to slightly fuddle your conscience.

You give him a sheepish grin, scraping the tips of your heels against the pavement, shying away from the intensity that his eye holds. “Same here. I hope we can do this again sometime.��

His face contorts in a way that clearly indicates that the feeling is in fact very, mutual. “Mind if I take down your number?” He asks, pulling out the latest new Iphone from his pocket. You only engaged in conversation through the dating app both of you met in and you thought it seemed only fair to give him your number after weeks of meeting him.

He taps a few things on his screen before you’re met with a white screen with only your first name and birthday typed. It is then when you wonder how he came about on knowing your birthday, if you had ever mentioned it in your electrifying conversations either on the app or this date. Most likely the second option.

You knew his name, well if you’d call it that, supplying you only his first initial. By his angelic looks, he was definitely of Valyrian descent. And you hate how much of a sucker you were for those blonde bitches. You knew he was in the last year of university, double majoring in political science and business here in the capital. You also knew he had a geriatric maine coon cat, Vhagar, who’d stuck with him since he was a child.

But that was pretty much it.

You nod, typing out the most critical information both of you needed in order to secure the second date. “Here you go,” you hand back his phone with such caution that causes his lips to quiver in a smirk.

He leans forward, too forward in a way you feel his breath steadily fanning your face and the warmth that radiates through his chest. You don’t pull away as his head lowers, keeping your gaze steady with his, admiring the amethyst hue of his lone eye that twinkles against the low street lights.

A snakes his hand around your hips, which normally you’d slap away if it was any other man. But he was different. A rare gentleman who bought you a single winter rose even when you were five minutes late, let you devour the fries off his plate, and hashed your steak without asking.

You wanted him to kiss you and perhaps even more.

You wouldn’t say no. If anything you’d whimper out a simple “please” if it came to that.

However, just as you expect his lips, it doesn’t come. He pulls away with a lupine smirk on his face, waiting for a response to a question you did not hear.

You cough away the slight embarrassment, “What?”

“I asked what your password was,”

Before you process how he did it, you see him wave the gray screen of your phone around your face, waiting for the six digit code.

Oh.

“I got your number but you did not get mine and you’re gonna need it when I take you out to dinner again.” The blonde in front of you points out.

True.

It almost feels too goofy revealing the code that multiple of your friends tease you for. Nevertheless, you stutter out the numbers: one, two, three, four, five, and six.

You hear him dryly laugh, shaking his head side to side as he types out the three sets of numbers. “Mmm, you need a better password, darling. One might think you want your personal information stolen,” He teases. You shift your thighs to a close at the term of endearment, already feeling the slightest tingles in a place where you desired him the most.

You make a sound of agreement making a mental note to change it later tonight. After he hands back your phone, he combs back the loose silvery hair out of his face into a neat bun that well flatters his face. “Take mine for example; it’s five, twenty-two, one-thirty. Easy to remember.”

“Is that your cat’s birthday?” You questioned.

“No. It’s the day we matched on Tinder.”

You are lost for words. Not even you knew the exact date you matched with him, only knowing it was around a few weeks ago. Judging by your reaction, he knew what you were thinking.

After a few more rounds of flirtatious conversations, you both decided to call it a night, waving each other goodnight as you watched as he sped up in a black, shiny Dragon T6, a vintage motorcycle that was the second most precious thing he owned. (The first being Vhagar). You’d be lying if that wasn’t one of the list of reasons why you swiped right. A tall Valyrian man, with long locks, that rode a motorcycle definitely modeled the countless dark romance books you’d spent hours reading.

To your frustration, the price of Uber had doubled the amount you’d paid for hours ago. Not even Uber Share happened to be near your price range. For ten gold dragons, you could buy a week’s worth of groceries!

So you sighed, turning off your phone. Your usual bus was still in service and way cheaper than the ridiculous prices of Uber. And while it was too late to be out by yourself, it was a risk you were willing to take.

As you rummage through your wallet for some copper coins, you hear a deep, rumbling sound of an engine revving up close to where you stand.

It’s him. Braking his bike on the side of the road where you are. His expensive Lysene suit coat no longer hugged his body, wearing only a white dress shirt that was half unbuttoned, giving you an impeccable view of his perfectly rounded cleavage and the multiple hidden tattoos you didn’t know he had.

“Hop in,” He says, pointing his head to the side. It was not a request but a demand.

You tilt your head, unsure whether to say yes or no. “Is it safe?” You ask. His chest moves, seemingly laughing as he opens the visor of his helmet. “Of course it is. I’m a cautious driver, never had an accident and I don’t think I ever will. I made sure to drink water after a glass of wine, so I’m not under the influence.”

He narrows his eye, observing the hesitation written throughout your face. He offers the spare helmet from his bag and hopes that it will coax the uneasiness.

“If you’re so dubious about it then by all means the bike is yours to drive.”

It’s your turn to laugh because the thought of you riding something of high value and rarity seemed absurd and silly. You were someone who did not have experience in driving in general whilst also being terrified of the narrow and steep roads of King’s Landing.

But there was no humor in A’s eye.

“You’re not serious are you?”

He powers off the bike before he scoots back from his seat. “I am.” He eagerly pats the spot he has saved for you.

“You do realize that this is a Dragon T6, right? They practically don’t make these anymore!” You gesture your hands around the expensive looking machine that was probably worth more than your left kidney.

He clicks his tongue, crossing his arms on his chest. “What’s your point?”

You scoff playfully, “My point is that manufacturers don’t make these anymore and if I crash it–”

“–You should have a little more faith in yourself. Maybe this will come naturally to you but you’ll never know if you don’t try.”

You can’t help but exhale in slight failure. This was a conversation you knew you couldn’t win with him. “Look, I’m not going to pressure you into something you don’t feel comfortable doing but I happen to be a great teacher. And if you do crash I’ll buy another, they aren’t that expensive anyways.” The Valyrian man shrugs as if thousands, or hundred thousands of gold dragons were nothing.

You mutter a “fine” under your breath which makes him all giddy with excitement and slides the helmet down your head. He double checks if it's secured before he lifts you to sit properly on his bike.

“Or I have one or two things in mind of how you could repay me.”

Every single piece of information he hurled your way was taken deep into your head. And you did your best to pay attention to it all under the sharp needles of nerves going through your spine. At some point he had given you little rubs up and down your back to soothe your nerves. The effect was anything but that, instead all you could think about was how his hands would feel against the bareness of your body.

Fuck.

You tried to push those lewd thoughts away as he demonstrated the anatomy of the Dragon T6. The ignition was a little red switch right below the speedometer, whilst the clutch was on the left hand side and the accelerator in your right. The gear shift was something you had to get used to as it was not on your eye level but rather a small little lever near your foot.

Once he feels you’ve gotten the grasp of how everything works it was time for the ultimate test. “Alright now we start. Are you ready?” He asked with an eager smile tugging his lips.

No.

You nod your head, adjusting the mirrors to match your height. You feel the tips of his fingers lift and turn your chin towards him, “Use your words, darling.” There it was that name again that made you clutch your thighs together. You audibly gulp, “Y-yes I’m ready.”

“Good,” His hands squeeze at your hip bones to bring you closer to him. Your eyes widen almost comically to what you assume is his cock pressing insistently onto your ass. It was hard, and through the thin material of your dress you could feel it throbbing full of want and need. Gods, how will you ever focus now?

A brief image flashed through your mind of how much and what was packing underneath his undergarments. The length and thickness and how it would feel wrapped around your palm as you’d stroke him from base to tip, or the taste of him as you’d take him inside your mouth, or having his full length stuffed deep inside you as he fucked you dumb.

Something tells you that he knows what you are thinking but neither of you speak about it.

Finally, he takes your hands onto the handles of the clutch and the accelerator and you, being a step ahead, check if the gear is on neutral before you release the clutch and to your satisfaction it is. The blonde behind you smiles at you proudly like a teacher would to their student.

“Now, you’re gonna slowly release the clutch and twist the accelerator slightly…there you go, good girl. You’re doing such a good job.” He coos at your ear.

The beat of your heart raced almost out of your chest. You weren’t sure if it was the excitement of a small accomplishment or the low timbre of his voice praising you but you welcomed it.

With confidence you didn’t know you had, you decided to drive the rest of the way to your apartment without complications and took up every tip the man behind you advised. The cool air kissing your skin and the adrenaline wildly pumping through your veins, awoke something in you and slowly you began to comprehend why A loved riding.

You had felt like a small bird taking its first flight through the skies.

When you both reached the parking lot to your apartment, you returned his helmet and a small part lingering inside you did not want to let it go. You enjoyed it and the freedom it brought you.

“That was so fun! I can’t believe it was that easy. Think I need to save me up for one of these,” You quipped patting the bike.

He throws his head back to let out an amused laugh, “Or I can just give you this one,” A tone of nonchalant laced through his voice.

You look at him baffled, “I was–”

“–But first we need to get you your license before I–”

“–Absolutely not, I was jesting.” You snipped, making him roll his eyes with a slight pout drawing out his lips.

“You’re stubborn and difficult, has anyone told you that?” You chortle thinking of the numerous times you’ve been called that.

“Plenty of times but I reckon this won’t be the last.”

He hums tucking a loose piece of hair behind your ear, “I guess I have to fuck it out of you.”

You blink.

The hue of your cheeks increased tenfold, your feet and body became paralyzed to what he had just confessed.

Had he just said that to shut you up? If so it worked.

You didn’t know how to respond to something as bold as that and to your inclination you lowered your head but the blonde behind you couldn’t have that. You felt the tips of his fingers roughly grip your jaw to meet his gaze. The amethyst hue of his eye turned into a darker shade of violet as he eyed between your eyes then your lips.

Every part of you screamed for him to kiss you or to do something to appease the longing.

You instinctively parted your lips when his head began to dip towards your lips. The tip of his nose brushed delicately against your own then it slowly trailed to sniff at your neck, the sweet smell of spiced peaches.

“Nyke jaelagon ao,” He whispered in his mother language.

“Pār emagon issa,” You said before you mentally said ‘fuck it’ and knocked the wind out of him with a kiss.

He lets out a mix between a growl and a groan as he feels your wandering hands tugging the roots of his hair. Something you yearned to do ever since you saw how long and silky his hair was.

And Gods did it meet your expectations.

His lips moved against yours most ardently and with equal fervor. It was hungry and needy the way your teeth clashed with his, tongues dancing for dominance until you hissed when he bit your lower lip.

You melted into his warm embrace, deciding to tease him by rubbing your palm on his clothed length, detecting a damp patch. You shot your eyes open, separating away your lips.

“Did you just cum?” You panted heavily.

A smirked, “I came when you first got on the bike and I was about to cum right now.”

You quirked a brow, “That’s what did it for you?” Redness coated his cheeks and before you knew it his lips were on you again and his hands lifted the hem of your dress, exposing the black lacy panties you wore just for him.

“Incase you get lucky,” Your best friend Sara teased just the day before when you and her took a shopping trip to a Lysene lingerie store.

Through some imaginary telepathic communication, you thanked Sara.

He groaned feeling the wetness that gathered through your folds. You weren’t just wet, you were dripping like honey on a hot summer’s day. A mischievous idea popped into his mind, something so lewd that made the head of his cock twitch with excitement.

You squealed as he swiftly turned you around and twisted the ignition switch on. Was he going to make you drive in this state?

“Move your panties to the side.” He commanded behind you.

You pushed away the curiosity and did what he bid you to do. “Good girl. Now lean forward a bit.” You shifted yourself forward until you could feel the warm metal of his seat pressing tenaciously at your bare cunt.

A gasp turned into drawn out moans as the blonde behind you revved the accelerator at a speed that made stars appear in your eyes. It felt good, so obscenely good that all thoughts about being in a public setting flew right over your head.

You began to grind yourself with the vibrations, creating as much friction to your bud as you could.

“That’s it, darling,” He encouraged behind you, increasing power to the accelerator just enough for your arousal to coat his bike. “Fuck yourself on my Dragon.”

You clenched around nothing, whining as you felt the pure waves of ecstasy slithering down your spine. It was unlike anything you ever felt, not even the vibrator you owned made you topple over the edge.

In ten seconds or less, you loudly moaned, not caring who heard or saw you, as your legs shaked and the coil around your stomach loosened, cumming absolutely hard.

Your limbs felt entirely spent as if you ran three laps around Rhaenys’ hill.

“Mmm, do not get too comfortable, now, darling.” He boasted smugly as his fingers scoop your honey to his lips, humming at the delicious taste. “I haven’t even fucked you senseless yet and after witnessing this I want nothing more but to ruin your ability to walk straight for week.”

A low whine escaped your lips at the thought of him roughly taking you. “Is that what you want?” He questioned, lowering the straps of your dress to expose your breasts to his gaze.

You sighed contently, feeling his tongue enclosing around your perk nipple. “Yes please,” You tenderly loop your fingers through his hair.

“I promise I will never make you beg,” He murmurs against your breast, “But you sound so pretty when you do.”

He had kept true to his word as he not only bent you over his bike as he fucked you raw, but took you three more rounds on your couch, bed and shower until you absolutely passed out in his arms. And for the rest of the week you couldn’t walk straight without limping. Thanks to Aemond Targaryen.

general taglist: @dreaming-for-an-escape @marvelescvpe @omgisrdj @ramsip @silentf @thenightmistress @dixie-elocin @namelesslosers @gigi-panecillo @laureeedn @watercolorskyy @seabasscevans @kittendoll05 @fullmoonworshipper @bunbunbl0gs @summerposie @dusicapopilic @tulips2715 @kckt88 @chaoticwinnercupcake @folksriddle @ficsandsin @nyx-daughterofchaos98 @qweencrimson @slytherized @qyburnsghost @tofujiji @saturnssrings @janeety @thought--bubble @theunburt @mandiiblanche @iamkookiesforyou @jeben196 @just-a-harmless-patato @moneypriestess @ladymoon666 @angelinap09

empty is who I couldn't tag sowwy besties.

#aemond targaryen one shot #aemond targaryen x you #hotd fanfic #aemond targaryen x reader #aemond targaryen #aemond #one shot #kinda smutty #aemond one eye #prince aemond #house of the dragon

647 notes · View notes

cherrypikkins · 7 months ago

Text

How safe is your password?

Hive Systems updated their table showing approximately how long it would take to crack your password via brute force based on the types of characters used along with password length. Doesn't factor in commonly-used phrases, words or character combos. The link leads to a page providing details on the methodology used.

#tech safety

101 notes · View notes

sukimas · 1 day ago

Text

[cyberpunk cowboy voice] i like my pork like i like my passwords. salted and hashed

28 notes · View notes

ms-demeanor · 1 year ago

Note

Okay so, how exactly do Password Managers work?

Because I'm pretty sure that giving some random corporation all my passwords would just make it EASIER for my personal info to get leaked.

I mean it is genuinely complicated; I don't know if you saw my explanation about dominoes yesterday, but basically you're not giving the company your information. You are creating an account with a company and they are handing you a tool that is extremely securely encrypted to store your passwords in. The company never has access to your passwords, or to the key you use to unlock your account. What they have access to is the cryptographic hash of your key to prove that it is you trying to access the account, but they can't reverse engineer the key that you use.

It's the same sort of process that encrypted email services like ProtonMail use. It's zero-knowledge storage. All that the password manager company is storing (in the case of a good password manager like Bitwarden) is up to 1gb of encrypted data for free users. They don't have access to your information. They couldn't get into it if they wanted to. All that they know about you is whatever information you used to register for the service and broad information about creation of the account.

Part of the reason that I recommend Bitwarden is that it is both open source and pretty widely used and recommended.

Open source security products are often considered more secure than closed-source tools because they can be examined and tested at the source-code level by *anyone* to check for vulnerabilities and holes in the security. Functionally what this means is that you have very smart, very motivated, and very security-conscious people testing products like Bitwarden for flaws and reporting them immediately.

I'm not great at explaining cryptographic hashing so I'm in a position where basically all I can tell you is "Trust me it works, and if that's not enough you have to go do some reading about hashing because I can't explain it." This is the barrier that a LOT of people have to using a password manager, and it's frustrating because genuinely, it is not something that people who work in security worry about *at all.*

When we're working with security the concern about password managers is *never* that a zero-knowledge company is going to have a leak. The concern is that data might actually be stored in plaintext (something you don't have to worry about with bitwarden because if that was the case everyone on the forums would be screaming their heads off at all times, and they are not) or that a phishing campaign is going to trick a user into handing over their password to the password manager.

But yeah, when you start using a good password manager with zero-knowledge storage, you aren't handing your data to a company. What's happening is that the company is handing YOU a tiny safe. The tiny safe has a ten-thousand-digit combination lock that you set the code for, and the company has no way of figuring out that code. They're hoping that you will pay them for the safe. And if you forget your code, you're screwed - the company can't get you access because, again, they have no way of getting the code. They don't store it, they don't see it, they don't know it, they can't produce it if ordered to do so at trial, and they can't reset the code.

324 notes · View notes

santaeofficial · 1 month ago

Text

RE: Password Security on Santae

We want to directly address a false and misleading claim circulating online.

No one on the Santae team — including administrators or management — can see your password. Passwords are never stored in plaintext. Like any secure platform, we use one-way encryption to protect your login credentials. We use Laravel’s built-in authentication system, which hashes (and salts) every password before it’s ever saved. This means your actual password is not visible or accessible to anyone, including Myself(CJ), Developers, Management or Administrators.

We can assist with password resets only in cases where the “Forgot Password” function fails. This is a standard fail-safe, allowing us to manually set a new password upon your request. However, we do not have access to your current or previous passwords, nor can we view any password you’ve set.

We always encourage you to use a unique password for Santae and for every other service you use.

Spreading misinformation like this causes unnecessary panic and undermines trust in the safety protocols we’ve put in place. We take your account security very seriously, and our systems are designed to uphold modern standards of user privacy and data protection.

If you have any concerns, please contact support through our support ticket system on-site or email [email protected]. Thank you for helping keep our community safe, informed, and respectful.

~ The Santae Team

#santae

25 notes · View notes

identityarchitect · 8 months ago

Note

If you use the same email for everything, that email and every account associated with it is probably compromised due to this.

wait what? what exactly does this entail?

Recently, the Internet Archive faced a severe security breach that leaked the account info of all of its users.

Longtime security researcher Troy Hunt, who runs the data-breach-notification website Have I Been Pwned (HIBP) also confirmed that the breach is legitimate. He said it occurred in September and that the stolen trove contains 31 million unique email addresses along with usernames, bcrypt password hashes, and other system data.

(via Wired)

What this means is that the email address and password you used for your Internet Archive account is public information. (You can check Have I Been Pwned to see if your info is a part of this breach, but assume that it is.)

Most people use the same password for most things. Let's imagine you have a pretty secure password, like th1sISap@ssw0rd!!. This follows all the contemporary rules for passwords: it has lowercase and uppercase letters, numbers, and symbols, and is decently long. So let's say you use this password for your Internet Archive account, and your email address, but your Discord account has a different password.

Someone can look at your leaked info from the Internet Archive and try your password on your email. Now they have access to your email address. That's a very bad thing, since most services online use your email address to confirm that you're who you say you are. Now they can also access your Discord account by sending a password reset request. And Discord account hacks are actually pretty common. Not via these means, for the record: most Discord account hacks take place over Discord itself, usually as a fake link posing as some "oh no I reported you and now you need to contact staff to undo it" (pro tip, if anyone ever says that, they're lying. Social media staff know what misclicks are and also most social media uses an algorithm anyway).

With your Discord account, they can now pose as you - a known legitimate user, who people will want to trust - to try and scam people. Not great. Also, you probably don't want other people to have access to your account.

So, what should you do about it?

Change your email account password. All of your passwords should be unique to that account, but especially email, since it's the 'hub' of logins and if someone has your email they can just send a forgotten password request.

If you have a phone, you can set up two factor authentification. What this means is that you authenticate that you're the owner of the account via one factor, your password, and then an entirely separate factor, your phone. If someone wants to hack something with 2FA, they first need to figure out your username & password, and then guess your 2FA code. Most 2FA codes reset every 30 seconds, so even with brute forcing it's nearly impossible and not worth it.

Stop using the same password for everything! I understand why people do this & there's no shame in it but the more similar your passwords are, the more at risk you are after pwnage. There are plenty of password managers out there: I personally use Bitwarden. Your browser's native password manager is probably fine, but you've got to start taking its suggestions when it wants you to use an ultra-secure password that you'd never be able to remember. Pro tip: You don't need to remember it. The password manager will remember it for you. Bitwarden has a mobile app if you need to login to stuff on your phone, and it also lets you easily carry passwords between computers.

I'd also recommend going through and seeing if you can delete old accounts for websites you no longer use. Having less accounts reduces your risk of being pwned simply because there's less datasets you're in that could be pwned.

I hope this helps ^^; & keep in mind that being pwned is not the end of the world. Even with your info being out there, someone's still got to choose your account of the 31 million that got breached in the Internet Archive leak. Additionally, your accounts might not even be compromised at all - I'm pretty sure I'm fine even though my email was in the leak, since I have a unique password and 2FA for my email, and unique passwords for all my other accounts too.

BTW TERFS & radfems die in a fire 💖

#internet archive #internet archive breach #data breach #?#idk wtf tags to use with this lol #answered asks

57 notes · View notes

alexanderwales · 2 months ago

Text

My wife got inordinately upset with an episode of Black Mirror because someone emailed a woman her dead daughter's plaintext password. Obviously any major company should be following best practices and salting and hashing the passwords. They should have sent the woman a password reset link.

But you know, maybe that's the critique of that episode. The dark reflection of our society. The information security failures of major tech companies.

25 notes · View notes

kaiserouo · 8 months ago

Text

HOLY FUCK

www.doctorentrati.com

also im playing with it rn so spoiler below. expect editing

fuck i feel like im playing ctf

manually delete the is-hidden class works

OH NO... why don't you encrypt the content with the password...

I mean you can check the password by comparing it with hash and use the real password to encrypt and decrypt the thing... your javascript code is indeed obfuscated, if you change something in the encryption algorithm to make it not trivial to solve the password (e.g., change AES's subByte table) then I would rather actually solve this than de-obfuscate the code.

just don't show everything when people inspect the website okay

yes very protected

---https://www.reddit.com/r/Warframe/comments/1gc4zwc/arg_thread_reference_post_to_everything_use_this/

oh nevermind they still kinda did that

also wtf i definitely can't figure most of these out

someone said it's only possible to unlock the first file and i can kinda see that

so they do use a hash to do the password thing (which is standard), aaaand the rest of the hash is null so the files are not meant to be solved for now

oh no... i looked at the wrong file, this is not obfuscated and is the main logic. Now I don't know what the file "/qwNqpl0pN06NLnVE4I6T5Lzd/YOEpQthrVXt0SY/IntzETIaAwk/Kxd/AAlodTlAB" does.

That's why you should obfuscate the code guys the correct email reply is literally written in there

i guess you don't need to use the hint in ascloid just type "crypt" and it still works

seems like the rest of the hotbar literally does nothing. you can't unlock it or anything, i guess it's for the later versions of the ARG

we do have the hash... i wonder if we can z3 brute force other passwords...

okay that's it. i mean i didn't really solve anything, other people already solved this. i think i have the most fun looking through the source code... which doesn't take much time compared with the time i took looking for the password the legitimate way and failed miserably

also please obfuscated your code DE i mean if this is a proper ARG we shouldn't able to cheat like this. at least not that simply

okay... i guess brute force with z3 is harder than i thought. i don't know how much time solving "khrajahuxata" would take and i'm already limiting my search space in lowercase letters only

#fucking jackpot #you can't be fucking kidding me i just got that all on my own #like #i know the first three would very likely be www #and the rest can't be digitalextremes #and entrati must be in there considering the warframe main site's logo would change to WF-entrati-logo-nav-desktop.png #and there are only 6 alphabets left #warframe #ramble

27 notes · View notes

andmaybegayer · 2 years ago

Note

can you actually talk about bitwarden / password managers, or direct me to a post about them? Idk my (completely uneducated) instinct says that trusting one application with all your passwords is about as bad as having the same password for everything, but clearly that isn’t the case.

So it is true that online password managers present a big juicy target, and if you have very stringent security requirements you'd be better off with an offline password manager that is not exposed to attack.

However, for most people the alternative is "reusing the same password/closely related password patterns for everything", the risk that one random site gets compromised is much higher than the risk that a highly security focussed password provider gets compromised.

Which is not to say it can't happen, LastPass gets hacked alarmingly often, but most online password managers do their due diligence. I am more willing to stash my passwords with 1Password or Bitwarden or Dashlane than I am to go through the rigamarole of self-managing an array of unique passwords across multiple devices.

Bitwarden and other password managers try to store only an encrypted copy of your password vault, and they take steps to ensure you never ever send them your decryption key. When you want a password, you ask them for your vault, you decrypt it with your key, and now you have a local decrypted copy without ever sending your key to anyone. If you make changes, you make them locally and send back an encrypted updated vault.

As a result, someone who hacks Bitwarden should in the absolute worst case get a pile of encrypted vaults, but without each individuals' decryption key those vaults are useless. They'd still have to go around decrypting each vault one by one. Combining a good encryption algorithm, robust salting, and a decent key, you can easily get a vault to "taking the full lifetime of the universe" levels on security against modern cryptographic attacks.

Now there can be issues with this. Auto-fill can be attacked if you go onto a malicious website, poorly coded managers can leak information or accidentally include logging of passwords when they shouldn't, and obviously you don't know that 1Password isn't backdoored by the CIA/Mossad/Vatican. If these are concerns then you shouldn't trust online password managers, and you should use something where you remain in control of your vault and only ever manually handle your password.

Bitwarden is open source and fairly regularly audited, so you can be somewhat assured that they're not compromised. If you are worried about that, you can use something like KeePassXC/GNU Pass/Himitsu/ (which all hand you the vault file and it's your job to keep track of it and keep it safe) or use clever cryptographic methods (like instead of storing a password you use a secret key to encrypt and hash a reproducible code and use that as your password, e.g. my netflix password could be hash(crypt("netflixkalium", MySecretKey)), I know a few people who use that method.

Now with any luck because Apple is pushing for passkeys (which is just a nice name for a family of cryptographic verification systems that includes FIDO2/Webauthn) we can slowly move away from the nightmare that is passwords altogether with some kind of user friendly public key based verification, but it'll be a few years before that takes off. Seriously the real issue with a password is that with normal implementations every time you want to use it you have to send your ultra secret password over the internet to the verifying party.

#computer stuff #ask #anonymous #cryptography #password managers

244 notes · View notes

santae-salt · 1 month ago

Note

"If you use your password for anything other than santae, change it. Santae passwords are stored as plaintext and any admin, and ember, and probably also CJ can see them. They can also change them for you. "

I'm curious as to why you think this? Santae is built on Laravel which has a very easy to implement password hash system and there is no reason to think Ember wouldn't use it.

☁️

#saltsalt

9 notes · View notes

papayajuan2019 · 9 months ago

Text

unfollow and report all my posts. shoot the servers with my password hash

33 notes · View notes

vitaminseetarot · 1 year ago

Text

PAC: Messages From Your Spirit Guides 🌬🌨🛎

Sup y'all, I'm back for another reading on what your spirit guides have to say! We are approaching a powerful micromoon on Friday night into Saturday morning, and I hope these piles will help you with whatever you're manifesting or clearing out of your life.

Sidenote: I have been in the background trying to get my Paypal account working so I can have the chance to finally offer paid readings. I know some of you have been asking me about when I'll be doing private readings! Long story short, Paypal thought I was a bot and locked me out of my account. (They won't even tell you it's locked, it'll just act like your password isn't working, lol) After struggling for a while, I had to actually call for support. 😅

It's all fixed (for) now! I'm now going over some ideas for what readings I will offer. They will likely be basic 1 and 3 card type spreads for starters. I'll fill you in when more details are hashed out. I'm still also planning another game in March, so stay tuned.

So let's dive into your readings! You can either pick your pile option through the palette cards or the corresponding pictures below for your quick message.

Pile 1 - Lavender Sky Pile 2 - Air Blue Pile 3 - Snowfall Pile 4 - Rainwater

Pile 1

Lavender Sky, Sweetness, Lava; V Hierophant, Queen of Wands, 3 of Cups, 10 of Cups

Pile 1, the guide (or guides) contacting you is the type to play it by the book. They know how to fill your cup because they've gone through it too. This is likely a passed ancestor in your family, though it doesn't have to be. Just someone who's really gone through it thick and thin while living on Earth, experiencing the highs and lows of existence. They're guiding you because they've been in your shoes. Their message is simple. They want offer you a cup of cheer. Although that's traditionally a Christmas saying, I picture of cup of healing tonic being passed to you. It's rich and warm, like a cappuccino or spiced chai. They invite you to sit down and relax with a similar soothing beverage.

I heard lyrics from the Evanescence song "Imaginary" while pulling out the palette card. "In my field of paper flowers and candy clouds of lullaby, I lie inside myself for hours and watch my purple sky fly over me." I'm sensing some detachment. They say you've been spending a lot of time closed off into your own inner world and not communicating as much as you'd like to, but not out of loneliness. In fact, this time alone may have revitalized you, or you may consider it a comfort zone to be in. You could have been laying dormant, working on yourself, wondering when it's finally time to stretch.

But the Queen of Wands, as confident as she is (and you are), truly enjoys being around others. It's where her light shines. If she wants to perform, she wants to do it with a crowd. If she speaks, she wants it to be with another. She knows her light, but it's not enough; the light must expand outward and be shared. Imagine that, instead of shining only in your mind, your creative abilities and unique personality can stand out in the real world to be seen and heard. For your unique truth to be recognized and lauded.

Your guides would gently like you to get out of your head a little. You have a bright mind and a caring disposition. There is no reason to hold yourself back from healthy communities. Your affirmation card says, "My truth flows through me gracefully." Holding your emotions and true self back is useless, anyway. The lava will come spilling out one way or another. Use that strong confident energy you have when alone, and channel it to reach out and connect with other people. Things likely will turn out better than you could have imagined. This could be your year for forming great new friendships that may even stand the test of time, if you're up for it.

I'm getting a lot of people in this pile may identify as shy or socially awkward. Your guides see your struggle and know this isn't an overnight event, it can a long haul process to come out of one's shell. And if reaching out to people in real life is still too difficult, please know that your guides are with you. They are available to talk whenever you need them. I suggest working with candles (safely!) or water scrying as possible methods for communication.

Pile 2

Air Blue, Ghost, Bee; 0 Fool, 9 of Cups, 5 of Wands, 7 of Swords

You received two affirmation cards in this reading because the yellow rose fell out almost immediately: it says "I am at peace in my life. I am at peace in the world. I'm getting some strong anxiety with this pile. It feels like the anxiety experienced on a regular basis. It's a strong contrast to your guide's energy, which is carefree and lackadaisical. I hear they can be a bit of a prankster with you? I'm seeing someone getting frustrated with computer equipment or some other machinery like a cash register. Really riding on that Mercury retrograde energy when it's there, they're opportunists. This could be your guide's primary way of talking with you, by causing strange and chaotic things to happen that put a brief halt in your day-to-day life.

It may seem somewhat cruel that a guide would 'tease' like this, but they keep pointing at the yellow rose, which symbolizes friendship. They have reached out and offered support in the normal, usual ways, but there's a sense of denying and not returning in the interaction? Have you ever met them? If you want to connect with your guides, the first step is to acknowledge that they're there and that they're reaching out to you. Otherwise they'll start to act like cats who sit on books and knock glasses over just to get your attention, if they want it badly enough. They can get even urgent about speaking at times, I heard the song "Urgent" by Foreigner.

They want you to see that things aren't as bad as they seem to be in the present, though. They disrupt your day precisely to get across that somewhere, you're getting yourself stuck in a rut. They're there to help you break bad cycles of thought that aren't helping you. It's an odd way of doing it, but if you can reach out to them and learn from them, they won't always be like this. It's only because they want you to embrace life like every day is a new beginning. Allowing yourself to get worked up in fear sets up the day for exactly that. They see your capacity for joyful and successful working and living and want to bring that out in you.

You may have times where you have very high hopes for something to happen in your favor, only to burst into panic when one little thing falls out of place or goes wrong, even if it gets resolved. Your guides aren't trying to work you into a tizzy; they want to teach you how to handle the day's hiccups with more ease instead of relying on control all the time. They want you to speak positive affirmations to yourself on a regular basis with the idea that peace and ease are available to you. Your other card says, "I can speak powerfully with ease." Your words are strong, especially what you say to yourself in earnest. Speak your wishes out and your guide will listen. Bottle it up too much, and your guide will find a way to pour it out for you. Focus on the BEST outcomes!

And if your anxiety still feels like it's getting debilitating, your guide will support you in getting you any outside help that you need. Ultimately, they want to see you thrive, both inside and outside chaos, even if their methods are unconventional.

Pile 3

Falling Snow, Fear, Swan; 9 of Cups, 3 of Swords, Page of Coins, 5 of Wands, VII Chariot

Pile 3, your guide is a colorful and gentle being, I'm picturing someone childlike here with the Page of Coins. This guide flourishes in nature and the innocently playing with their creations. Perhaps you're an artist or someone devoted to a craft that brings out your inner child, your unique joy? This being wants to guide you in these endeavors. Your guide embodies a playful spirituality, far from religious status and regulations. They enjoy seeing ideas come to life.

It seems like you've been calling out for help in dealing with relationships in your life, or lack thereof. If it isn't to do with love or people, the Swan card could suggest a creative passion that you already have in mind. You see this person or passion as the "One" you've been praying for, the "One" to forever come or stay in your life. Your guide wants you to begin by seeing that you are the "One" you've been looking for. See that there are two swans in the card. One of them is you, seeking the kind of beauty that's already blossoming atop your head.

I'm drawn in by the purple flowers. If you work with chakras, your crown chakra is calling for your attention. Your affirmation card says, "I am connected to the wisdom of the universe." You may have recently been hurt from a relationship, or you've been worried that dating seems far away from you. The kind of school to help you hone your talent may feel at a distance. I'm getting 5 of pentacle vibes with the Falling Snow card, like the opportunity is "snowed in". But it's an illusion; you're moving faster and more suddenly through life than you may believe, though there are times when relationships don't work out, or we get turned down from an opportunity that looked to be beneficial to us.

It's okay to be honest about how sucky rejections feels. Your guide, as playful and rambunctious as they are, wants to hold your hand with a compassionate smile. They can see the flowers blooming beneath the snow, but understand that you have a right to process how you feel. Their main encouragement to you is to give yourself the time, just as spring has time to thaw from winter. In due time, you'll be feeling better again once you've given yourself the chance to mend your heart. I shuffled an extra card for 5 of Wands, which gave me Chariot. You will be able to move on, through the fearsome fire and smoke, to the other side. Allow yourself to heal, then allow yourself to proceed, knowing you won't be burned like that again.

If pile 2 resonates with you in any way, I recommend checking it out. There are messages there about dealing with fear and speaking out kinder thoughts to yourself. See yourself and your creations as the beautiful swan, even if circumstances leave you feeling like the ugly duckling. Your guide only sees the beauty and laughter in you.

Pile 4

Rainwater, Sadness, Ladybug; 3 of Cups, 4 of Cups, X Wheel of Fortune, 10 of Wands

It seems clear to me that your guide is heavily connected to water in some way, be it the rain or the ocean (it all runs together any way). They appear to me as very old and wise, like an ancient sea spirit. Far from hermitage, they are connected to all life underwater, as well as the water that flows through us. They're pointing out to me the way everything in life follows a cycle. The powers of the water and the moon demonstrate this on a regular basis, showing how the essential patterns of water can be found in other parts of life as well, even if abstractly. See, for example, how cats can squeeze themselves into jars like liquid, or how crowds of people can flow like streams. When we talk about rain, we can think of either abundance or loss. Rain can represent the release of powerful emotions, or it can bring life to withering crops. To understand water magic is to see how versatile the power is.

Your guide wants to let you know that your life follows an ebb and flow like the tides of the sea. There may come times when it floods over and all feels hopeless. There may also come days when the cool rain shower comes as a welcome on dry and dreary days. Your guide says there is nothing inherently wrong with you, if you are feeling a bad streak of luck. They (though I'm feeling a strong feminine energy here) want to help you with your perspective on life. You are not 'deserving' of bad things to happen, they say, as it's an unhelpful belief to deal with troubling situations. Life happens around us, and many times we get caught in hurricanes caused by others, or by our own actions. These ebbs and flows stop for absolutely no one.

We, as people, should be more drawn to compassion towards each other because of this. I'm getting worldly energy when I channel the guide's connection to you, like your guide is a deity like figure or you are highly attuned to the earth in some way. You may feel drawn towards this need for giving and receiving compassion. Though what I sense your guide is pointing at refers to boundaries. It's dear to them that you feel connected to the world's energy, or to the pain that mother nature and her people feel, but please practice boundaries so you can give yourself a chance to breathe and live your own life instead of letting psychic woes eat at you.

Your guide wants to assure you that luckier times are ahead. The Wheel of Fortune combined with the Ladybug shows that you have the chance to count the blessings in your life to attract more of the same. To attract good luck and abundance for you is to do the same for others. Imagine if emotions were contagious, and you had the chance to spread good luck around by changing your perspective? Your affirmation card says, "I am able to let go of all sadness and negative emotions that don't serve me." There are times when things get turbulent, but don't let it stop you from getting ahead.

This reading has not been evaluated by the FDA to diagnose, prevent, treat, or cure any disease or infection. Please ask your physician before going online.

2024, @VitaminseeTarot ™

65 notes · View notes

beesmygod · 1 year ago

Text

laughing my ass off so hard that tumblr was part of a massive data breach but the data is basically worthless bc tumblr did their due diligence in salting and hashing the passwords but also because its tumblr lol. anyway change your password and never use the same passwords anywhere and this shit will never matter.

e: this is from this article which is also sort of mystified by why this was stolen lol.

e: ALSO THIS IS OLD LMFAO sorry adam and i were talking abt this and i saw this while looking it up

70 notes · View notes

ms-demeanor · 1 year ago

Note

hi, thanks for all the tech tips! I hope this isn’t a silly question, but how are password managers secure? Isn’t there a risk of a data breach there?

Each individual account managed through a password management company is (or should be in any respectable product) individually encrypted.

When we see big breaches like the 2013 tumblr leak or similar leaks over the years, typically what you're seeing is either

A) One large collection of information that was stored under the same encryption umbrella and someone was able to use illicit credentials or some other nefarious method to access that information (very bad) or

B) Information that was never encrypted in the first place and was stored in plaintext (much, much worse).

With a good password manager any data that the company has is encrypted and your individual vault is encrypted separately using a key that the company doesn't have access to.

So imagine that you walk into a room and the floor is covered in dominoes arranged in a pattern. With no encryption (scenario B), imagine that the door is unlocked and you can simply open the door and knock over all the dominoes.

With one big encrypted bucket (scenario A), what happens is if you are able to open the main door, you can knock over all the dominoes but it takes some effort to get the door open.

With individually encrypted vaults you need to open the main door, then you see thousands and thousands of tiny safes, each with a combination that you need to guess to access the dominoes inside to knock them over. Each safe has a code that will take somewhere between two years and ten thousand years to guess, depending on the computer doing the guessing, and you can customize your safe to make it harder to guess the combination.

Good encryption is extremely secure, and a lot of the breaches that we see aren't failures of encryption, they are failures of other parts of the system security. What you are typically seeing with big breaches is either someone didn't bother to encrypt anything, or someone fucked up in a big way and people who weren't supposed to gain access were able to gain access.

But what you almost never see is someone genuinely cracking encryption of a secure system.

Password managers generally speaking have a better eye toward security than a lot of other products, and open source password managers tend to be rigorously tested by some tremendously intelligent and tremendously paranoid people who are VERY invested in security.

If you have a Bitwarden account (just using it as the example because it's my favorite and it's what I recommend), Bitwarden actually *can't* access your account. If you forget your password, that's it. You're locked out (this is why it's important to make a good password hint and to make your password manager password both complex AND memorable). They can't recover it for you because they simply do not have access to that data; it is encrypted and they can't crack the encryption and they don't have your key (they have a hash of your key, which means they can recognize your key but they can't reverse engineer it - it's complicated, look up cryptographic hashing, I'm bad at explaining it). So if anyone breaches that system, they ALSO don't have access to your vault or to your key and in order to access your passwords would need to brute force your main password by guessing until they landed on the correct one. If you have a sufficiently long and complex password, that is going to be so extremely difficult that it might as well be impossible.

200 notes · View notes

salternateunreality2 · 1 year ago

Note

Kunsel says:

We should maybe have a stricter definition of what counts as "hacking", okay?

It was a slow day at work, and he decided to guess people's email passwords in 10 attempts.

How does it go?

YESSSSSSSSS

Pro tips: make your password long, that is the most important factor. Use a password manager, most of them have a free option. Adding complexity does help, but focus on length first. Size does matter here. Multi-factor authentication (MFA) also helps a lot.

---------

Kunsel: Zack, gimme your password!

Zack: ...

Kunsel: Come on man, I need it for something!

Zack: 😭😭😭 buddy I would, but I forgot it again 😭😭😭😭😭😭

Kunsel: Ok man, it's ok, let's look around your desk...here, under this pile of chip bags, I think i saw...yeah, here's the penguin toy...and yep, Password Penguin has "Zack'ss00p3rp4ssw0rd!" written on the bottom. Let's try it!

(it works)

Zack: THANK YOU KUNSEL I THOUGHT I'D LOST HIM AND I COULDN'T REMEMBER AND-

Kunsel: *wheeze* Zack let go, I need to breathe *wheeze*

-----------

Kunsel tries to guess Roche's by typing it in.

M0t0rcycle!

ShinyDancer

Sh1n33D4nc3r!

He's in.

------------

Kunsel tries to guess Sephiroth's. On the 9th try, he gets it: Seph+Jenova4ever

Horrible things are uncovered along the way and now he needs to send Sephiroth some information very discreetly.

------------

Lazard. Kunsel knows better. He gives a few guesses, but decides to actually hack this.

He sets up a hash capturing tool over the internal network and waits for Lazard to log on. He does. Kunsel captures the hash and starts cracking it.

Three days later, the hash cracker has not worked and he has to give up on that.

Kunsel: Sir, I need to get into your email, will you please send me your password?

Lazard: Of course not, that is unsafe and against company policy. However, you're welcome to come to my office to perform any actions we both deem necessary.

Kunsel goes over and Lazard is using multifactor authentication, so just having the hash cracked wouldn't have worked anyway. He sets up a keylogger surreptitiously on Lazard's workstation while "performing updates" and showing Lazard new features in his email.

The things he captures with that keylogger:

* Numerous emails covering for boneheaded shit the SOLDIERs did.

* The letter "A" typed about a thousand times into a text file labeled "definitely not screams.txt".

* Moogle searches for "how to convince your employees to get therapy", "pasta recipes", "therapists near me", "child psychology for adults", "play therapy for adults", "cat psychology", and "shrimp pasta recipes".

* The password: &oh'ihiy_-8_gi"it"gi_ipkb0(-ur#3-@--LXS4ever--9(9;0(!08(098+pihjboigig(@ukopih

Then it is a simple matter of finding a zero-day race condition hack in the MFA software, timing things just right, and entering the password and hacked MFA key at the perfect moment.

Kunsel of course has pity on the man after seeing even more emails such as...

* Explaining to Roche that doing squats over his motorcycle makes it look like he's humping it, and it is making people uncomfortable.

* Asking Genesis to please not actually firaga the recruits this week, they don't need a lawsuit. No, it's not character building. No, even though it was part of his home training and Shinra sanctioned training a few years ago.

* Inviting Sephiroth over for shrimp pasta to discuss strategy.

* Asking Angeal to seek therapy so the others will follow his lead.

* Telling Zack that he could not have a therapy flamingo in the office. Even if it was a lawn ornament.

* Warning Hojo not to take Sephiroth this week.

* Warning Hollander not to take Genesis and Angeal this week.

* Reaming Heidegger out very politely for all his BS.

Kunsel logs out without doing anything. Lazard needs a break.

--------

Kunsel calls Angeal pretending to be the help desk. Angeal, a bit embarrassed over his upbringing and unsure because he feels unused to technology, eventually gives Kunsel the password: BanoraBoys123!

----------

Genesis' is guessed on the 7th try because Kunsel didn't want to bother typing in an entire stanza of Loveless with numbers instead of vowels.

1nf1n1t3_1n_myst3ry_1s_th3_g1ft_0f_th3_g0dd3ss__w3_s33k_1t_th7s_4nd_t4k3_t0_th3_sky_r1ppl3s...

He sends an email from Genesis inviting everyone to a Loveless recital on Tuesday. It backfires because several people, including Genesis, show up and have a great time.

-----------

Kunsel tries Zack's little trooper friend next. He's a tough nut to crack. He won't pick up his PHS to get vished, won't click on Kunsel's phishing emails, and won't tell Zack or Kunsel his password.

Kunsel captures his hash and cracks it. It takes a full 24 hours, but he gets it in the end:

!1986fuck_this_shit

#ff7 #sephiroth #zack fair #cloud strife #genesis rhapsodos #angeal hewley #lazard deusericus #die hojo die #kunsel #hackerman kunsel

37 notes · View notes