8 Matching Annotations
  1. Apr 2025
  2. www.percona.com www.percona.com
    1
    1. TylerRick 07 Apr 2025
      In simple words, the database client and the server prove and convince each other that they know the password without exchanging the password or the password hash. Yes, it is possible by doing a Salted Challenge and Responses, SCRAM-SHA-256, as specified by RFC 7677. This way of storing, communicating, and verifying passwords makes it very hard to break a password.

      Interesting!

      authentication: password first sighting
    Visit annotations in context

    Tags

    Annotators

    URL

    percona.com/blog/postgresql-14-and-recent-scram-authentication-changes-should-i-migrate-to-scram/
  3. Mar 2025
  4. cheatsheetseries.owasp.org cheatsheetseries.owasp.org
    1
    1. TylerRick 20 Mar 2025
      Once an authenticated session has been established, the session ID (or token) is temporarily equivalent to the strongest authentication method used by the application, such as username and password, passphrases, one-time passwords (OTP),
      authentication: session-based equivalent annotation meta: may need new tag authentication: password security
    Visit annotations in context

    Tags

    Annotators

    URL

    cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html
  5. Jan 2024
  6. support.google.com support.google.com
    2
    1. TylerRick 08 Jan 2024
      less secure sign-in technology

      What does that mean exactly?

      All of a sudden my Rails app's attempts to send via SMTP started getting rejected until I enabled "Less secure app access". It would be nice if I knew what was necessary to make the access considered "secure".

      Update: Newer information added to this article (as well as elsewhere) leads me to believe that it is specifically sending password directly as authentication mechanism which was/is no longer permitted.

      This is the note that has since been added on this page, which clarifies this point:

      To help keep your account secure, from May 30, 2022, ​​Google no longer supports the use of third-party apps or devices which ask you to sign in to your Google Account using only your username and password.

      vague ambiguous authentication: password: no longer allowed authentication: password security
    2. TylerRick 08 Jan 2024
      To help keep your account secure, from May 30, 2022, ​​Google no longer supports the use of third-party apps or devices which ask you to sign in to your Google Account using only your username and password.
      authentication: password: no longer allowed Google Gmail passwords
    Visit annotations in context

    Tags

    Annotators

    URL

    support.google.com/accounts/answer/6010255
  7. support.google.com support.google.com
    1
    1. TylerRick 08 Jan 2024
      To keep your account more secure, Gmail no longer supports third-party apps or devices which require you to share your Google username and password. Sharing your account credentials with third-parties makes it easier for hackers to gain access to your account.
      security Gmail authentication: password: no longer allowed passwords
    Visit annotations in context

    Tags

    Annotators

    URL

    support.google.com/mail/answer/7126229
  8. Mar 2023
  9. keygen.sh keygen.sh
    1
    1. TylerRick 23 Mar 2023
      good tutorial multi-factor authentication Time-based One-Time Password (TOTP) Ruby Rails
    Visit annotations in context

    Tags

    Annotators

    URL

    keygen.sh/blog/how-to-implement-totp-2fa-in-rails-using-rotp/
  10. Apr 2020
  11. github.com github.com
    1
    1. TylerRick 21 Apr 2020
      gem: devise Time-based One-Time Password algorithm (TOTP) multi-factor authentication ruby library
    Visit annotations in context

    Tags

    Annotators

    URL

    github.com/ogminor/devise-mfa
  12. github.com github.com
    1
    1. TylerRick 21 Apr 2020
      gem: devise two-factor authentication Time-based One-Time Password algorithm (TOTP) ruby library
    Visit annotations in context

    Tags

    Annotators

    URL

    github.com/tinfoil/devise-two-factor