Tagged articles

24 articles

Page 1 of 1

Apr 9, 2026 · Artificial Intelligence

Building a Generic AI Agent for Automated Test Case and Script Generation (Part 3)

After parallelizing registration, login, and password‑recovery flows, this article shows how to embed those requirements into a reusable intelligent agent, detailing the workflow diagram, system and user prompts, and providing concrete Python‑based API and Playwright test script examples with CSRF handling, password hashing, and database cleanup.

AI testingAPI testingCSRF

0 likes · 38 min read

Building a Generic AI Agent for Automated Test Case and Script Generation (Part 3)

php Courses

Jan 8, 2026 · Backend Development

Secure PHP Password Storage: md5, password_hash, and crypt Explained with Code

This guide walks through three common PHP password‑hashing techniques—md5, password_hash (BCrypt), and crypt—showing complete registration and login code samples, highlighting security drawbacks of md5 and recommending stronger, salted hashing for safe user authentication.

Backend SecurityMD5crypt

0 likes · 5 min read

Secure PHP Password Storage: md5, password_hash, and crypt Explained with Code

dbaplus Community

Sep 21, 2025 · Information Security

Why Servers Can’t Know Your Original Password: Understanding Hashing and Salting

Password reset security relies on the server storing only salted hash values, not the original passwords; this article explains why plain‑text storage is unsafe, outlines hash algorithm types, demonstrates MD5’s shortcomings, and provides Java code for generating SHA‑256 + salt hashes.

AuthenticationJavaSHA-256

0 likes · 5 min read

Why Servers Can’t Know Your Original Password: Understanding Hashing and Salting

Code Wrench

Sep 12, 2025 · Information Security

Master Secure Go Cryptography: Common Pitfalls & Best Practices

This article provides a comprehensive guide to Go cryptography, covering fundamental concepts, common mistakes like using math/rand for keys or RSA v1.5 padding, correct implementations with crypto/rand, AES‑GCM, RSA‑OAEP/PSS, password‑derived keys, performance benchmarks, and practical testing strategies.

AESGoRSA

0 likes · 12 min read

Master Secure Go Cryptography: Common Pitfalls & Best Practices

php Courses

Sep 5, 2025 · Information Security

How to Secure Data in PHP: HTTPS, Hashing, Prepared Statements, and Encryption

This guide explains essential PHP techniques for protecting sensitive data, covering HTTPS usage, password hashing algorithms, prepared statements to prevent SQL injection, encryption methods like AES and RSA, and CAPTCHA implementation, with clear code examples for each security measure.

CaptchaHTTPSPrepared Statements

0 likes · 4 min read

How to Secure Data in PHP: HTTPS, Hashing, Prepared Statements, and Encryption

php Courses

Jun 18, 2025 · Information Security

Why Most PHP Auth Systems Are Insecure and How to Build a Truly Safe One

This article reveals common security flaws in typical PHP authentication implementations—such as misconceptions about session safety, weak password storage, inadequate CSRF protection, missing rate limiting, and lack of multi‑factor authentication—and provides concrete best‑practice steps, including modern password hashing, strict session management, HTTPS enforcement, comprehensive CSRF defenses, intelligent rate limiting, MFA support, and regular security audits.

CSRFMFAPHP

0 likes · 5 min read

Why Most PHP Auth Systems Are Insecure and How to Build a Truly Safe One

php Courses

Mar 10, 2025 · Information Security

Security Protection Strategies and Vulnerability Mitigation for PHP Applications

This article examines essential security measures for PHP applications, covering protection against SQL injection, XSS, CSRF, unsafe file uploads, session fixation, weak passwords, error disclosure, and the importance of HTTPS, with practical code examples and configuration tips to build more resilient web services.

SQL injectionXSSfile-upload

0 likes · 8 min read

Security Protection Strategies and Vulnerability Mitigation for PHP Applications

Open Source Tech Hub

Jul 25, 2024 · Information Security

Secure PHP Password Storage: From MD5+Salt to Bcrypt and Argon2

This guide explains why MD5 with salt is insecure, introduces stronger hashing algorithms like bcrypt and Argon2, and provides practical PHP examples using password_hash and password_verify to safely store and verify user passwords with built‑in salts and configurable cost factors.

PHPargon2bcrypt

0 likes · 8 min read

Secure PHP Password Storage: From MD5+Salt to Bcrypt and Argon2

php Courses

Jul 16, 2024 · Backend Development

Using PHP password_hash Function for Secure Password Hashing

This article explains how to securely hash passwords in PHP using the password_hash function, covering the concept of hashing, code examples for creating and verifying hashes, automatic salting, and best practices for protecting user credentials.

Backend DevelopmentSecuritypassword hashing

0 likes · 5 min read

Using PHP password_hash Function for Secure Password Hashing

php Courses

Jul 5, 2024 · Information Security

Laravel Security Best Practices: Preventing SQL Injection, CSRF, XSS, Password Management, and Data Encryption

This article explains how Laravel’s built‑in features—such as Eloquent ORM, CSRF tokens, Blade auto‑escaping, the Hash facade, and the Encrypter service—help developers protect web applications against SQL injection, CSRF, XSS, insecure password storage, and data exposure.

CSRFLaravelSQL injection

0 likes · 6 min read

Laravel Security Best Practices: Preventing SQL Injection, CSRF, XSS, Password Management, and Data Encryption

21CTO

Jun 12, 2024 · Backend Development

What’s New in PHP 8.4? Explore Enhanced String Functions, HTML5 DOM, and More

PHP 8.4, slated for a November 2024 release, introduces enhanced multibyte string functions, HTML5‑aware DOM extensions, stronger password hashing, property hooks, parenthesis‑free method calls, JIT configuration changes, and deprecates implicit nullable types, offering developers a more powerful and secure platform.

8.4Backend DevelopmentDOM

0 likes · 6 min read

What’s New in PHP 8.4? Explore Enhanced String Functions, HTML5 DOM, and More

macrozheng

May 9, 2024 · Information Security

Why Servers Never Store Your Original Password: A Deep Dive into Secure Hashing

This article explains why servers cannot know your original password, covering the principles of password hashing, the difference between cryptographic and non‑cryptographic hash functions, the role of salts, and a Java example using SHA‑256 with salt to securely store passwords.

JavaSHA-256Security

0 likes · 6 min read

Why Servers Never Store Your Original Password: A Deep Dive into Secure Hashing

macrozheng

Apr 11, 2024 · Information Security

Why MD5 Is Unsafe for Passwords and How to Choose Secure Hashing Algorithms

The article explains why MD5 and simple salted hashes are insecure for password storage, distinguishes between cryptographic and non‑cryptographic hash functions, introduces slow key‑derivation algorithms such as Bcrypt, Scrypt and Argon2, and recommends using strong KDFs with unique salts in modern applications.

KDFMD5bcrypt

0 likes · 7 min read

Why MD5 Is Unsafe for Passwords and How to Choose Secure Hashing Algorithms

php Courses

Feb 8, 2024 · Backend Development

Password Encryption Methods in PHP: md5, password_hash, and crypt

This article explains three common PHP password encryption techniques—md5, password_hash (using BCrypt), and crypt—detailing their security considerations and providing complete code examples for user registration and login verification.

MD5Securitycrypt

0 likes · 6 min read

Password Encryption Methods in PHP: md5, password_hash, and crypt

php Courses

Oct 11, 2023 · Information Security

Best Practices for Data Security and Encryption in PHP Development

This article explains essential PHP techniques—including HTTPS, password hashing, prepared statements, encryption algorithms, and captchas—along with practical code examples to help developers protect sensitive data from attacks and leaks.

CaptchaPHPPrepared Statements

0 likes · 4 min read

Best Practices for Data Security and Encryption in PHP Development

php Courses

May 20, 2023 · Information Security

Preventing Brute‑Force Attacks in PHP Applications

This article explains what brute‑force attacks are, why they threaten PHP applications, and presents three practical defenses—two‑factor authentication, enforced password policies, and brute‑force mitigation techniques—along with complete PHP code examples for each method.

PHPSecurityTwo-Factor Authentication

0 likes · 4 min read

Preventing Brute‑Force Attacks in PHP Applications

MaGe Linux Operations

Sep 19, 2022 · Information Security

Why Encrypted ZIP Files Can Have Two Valid Passwords – The PBKDF2 Hash Trick

A security researcher demonstrated that an AES‑256 encrypted ZIP archive can be opened with two completely different passwords because ZIP implementations hash passwords longer than 64 bytes using PBKDF2, turning the long password into its SHA‑1 hash which matches the short password.

AES-256PBKDF2password hashing

0 likes · 5 min read

Why Encrypted ZIP Files Can Have Two Valid Passwords – The PBKDF2 Hash Trick

Code Ape Tech Column

Sep 14, 2022 · Information Security

Understanding BCrypt and Password Hashing in Spring Security

This article explains the differences between hashing and encryption, demonstrates Java's built‑in hash implementations, discusses the insecurity of MD5 and rainbow‑table attacks, and provides a detailed guide on using BCrypt with Spring Security, including code examples and the PasswordEncoder interface.

bcryptencryptioninformation security

0 likes · 12 min read

Understanding BCrypt and Password Hashing in Spring Security

Programmer DD

Aug 29, 2022 · Information Security

Why Can a ZIP Archive Have Two Valid Passwords? The PBKDF2 Secret Explained

An experiment by a security researcher shows that AES‑256 encrypted ZIP files can be opened with two completely different passwords because passwords longer than 64 bytes are hashed with PBKDF2, turning the hash into the actual key used for encryption and decryption.

AES-256PBKDF2password hashing

0 likes · 6 min read

Why Can a ZIP Archive Have Two Valid Passwords? The PBKDF2 Secret Explained

Jike Tech Team

Aug 29, 2019 · Information Security

Why Argon2 Beats Traditional Password Hashes: A Deep Dive into Memory‑Hard Functions

Argon2, the 2015 PHC champion, is a memory‑hard password‑hashing function that leverages large memory usage and configurable parameters to thwart GPU, FPGA, and ASIC attacks, offering three variants (d, i, id) and detailed security, performance, and implementation analysis.

Securityargon2cryptography

0 likes · 16 min read

Why Argon2 Beats Traditional Password Hashes: A Deep Dive into Memory‑Hard Functions

Architect

Feb 25, 2016 · Information Security

Proper Password Hashing: Salting, Key Stretching, and Secure Implementation

This article explains why simple password hashing is insufficient, describes common attacks such as dictionary, brute‑force, lookup‑table and rainbow‑table attacks, and provides best‑practice guidance—including random salts, CSPRNGs, key‑stretching algorithms like PBKDF2, bcrypt and scrypt—and complete PHP reference implementations.

PBKDF2PHPSecurity

0 likes · 34 min read

Proper Password Hashing: Salting, Key Stretching, and Secure Implementation

Architect

Feb 25, 2016 · Information Security

Password Hashing with PBKDF2 in C# (ASP.NET) and Ruby on Rails

The article presents complete, licensed implementations of salted PBKDF2‑SHA1 password hashing for both ASP.NET (C#) and Ruby on Rails, detailing the source code, usage methods, and verification procedures to securely store and validate passwords.

ASP.NETC#PBKDF2

0 likes · 7 min read

Password Hashing with PBKDF2 in C# (ASP.NET) and Ruby on Rails

High Availability Architecture

Jul 30, 2015 · Information Security

Web Application Security Threats and Mitigation Strategies

This article outlines the most common web application security threats—including XSS, SQL injection, CSRF, transmission hijacking, credential leaks, brute‑force attacks, and token theft—and provides practical mitigation techniques such as proper escaping, CSP, parameterized queries, CSRF tokens, HTTPS, HSTS, HPKP, encrypted password storage, two‑factor authentication, and robust token handling.

CSPCSRFHTTPS

0 likes · 26 min read

Web Application Security Threats and Mitigation Strategies

Architect

Jun 9, 2015 · Information Security

Why Use bcrypt for Password Hashing Instead of MD5, SHA1, SHA256, etc.

The article explains that general‑purpose hash functions like MD5 and SHA families are fast and vulnerable to brute‑force attacks, while bcrypt’s deliberately slow, work‑factor‑adjustable design makes it a far more secure choice for storing passwords.

Securitybcryptcryptography

0 likes · 4 min read

Why Use bcrypt for Password Hashing Instead of MD5, SHA1, SHA256, etc.