Tagged articles
43 articles
Black & White Path
May 5, 2026 · Information Security

Microsoft Edge Stores Passwords in Plain Memory – Users’ Trust Exposed

A security analysis reveals that Microsoft Edge keeps all saved passwords in plaintext within process memory, dramatically widening the attack surface, while Microsoft’s terse "by design" response raises serious concerns for both individual users and enterprises, prompting urgent mitigation recommendations.

Microsoft Edge · browser vulnerability · information security
6 min read
Liangxu Linux
Aug 9, 2025 · Information Security

How a Single Weak Password Sank a 158‑Year‑Old UK Logistics Firm

A 158‑year‑old British transport company was crippled by a ransomware attack after hackers guessed an employee's weak password, leading to full data encryption, massive financial loss, bankruptcy, and highlighting systemic IT security failures.

Akira group · Cyberattack · IT security
9 min read
Java Tech Enthusiast
May 22, 2025 · Information Security

Chrome’s Automatic Password Change Feature and Implementation Guidelines for Websites

Google Chrome now offers an automatic password‑change function that detects leaked credentials, generates strong passwords, and updates them with minimal user effort, while websites must adopt specific autocomplete attributes and change‑password URLs to integrate seamlessly with this security enhancement.

Auto-Password Change · Chrome · information security
5 min read
php Courses
May 7, 2025 · Backend Development

How to Strengthen Website Password Security Using PHP

This article explains how to improve website password security in PHP by using modern hash functions, adding random salts, employing built‑in password hashing APIs, enforcing strong password policies, scheduling regular password changes, and implementing measures to prevent brute‑force attacks.

Hashing · best-practices · password security
5 min read
php Courses
Dec 27, 2024 · Backend Development

Using PHP password_hash for Secure Password Hashing

This article explains how PHP's password_hash function creates cryptographically strong, salted password hashes, demonstrates its usage with example code, and shows how to verify passwords securely using password_verify, emphasizing best practices for backend security.

Backend · Hashing · password security
4 min read
php Courses
Jan 3, 2024 · Backend Development

How to Strengthen Website Password Security Using PHP

This article explains how to enhance website password security in PHP by using hash functions, adding salts, employing password_hash and password_verify, enforcing strong password policies, scheduling regular password changes, and implementing measures against brute‑force attacks.

Backend · Hashing · PHP
5 min read
Programmer DD
Dec 1, 2022 · Information Security

What the 2022 NordPass Study Reveals About the World's Weakest Passwords

NordPass analyzed a 3 TB dataset from 30 countries to identify the most common 2022 passwords, showing that weak, easily guessable passwords still dominate, cultural trends affect password choices, and providing practical advice for improving online security.

NordPass · Password Management · common passwords
5 min read
ELab Team
Jul 7, 2022 · Information Security

Is Your Password Really Secure? Hashing, Salting, and WebAuthn Explained

This article examines why passwords are often insecure, explains how they should be stored using hash algorithms and salts, outlines common password‑weaknesses and system vulnerabilities, and introduces FIDO/WebAuthn as a modern, password‑less authentication solution.

Authentication · FIDO · Hashing
31 min read
21CTO
Feb 17, 2021 · Information Security

Why "123456" Still Tops the Worst Password List and How to Protect Yourself

The 2020 NordPass survey reveals that simple numeric passwords like "123456" remain the most common weak passwords, highlighting new risky entries and offering practical advice for creating stronger, more secure credentials.

NordPass survey · best practices · information security
4 min read
Liangxu Linux
Feb 15, 2021 · Information Security

Why the Chinese Phonetic Password ‘ji32k7au4a83’ Shows Up 141 Times

The article examines how a seemingly random string ‘ji32k7au4a83’ appears 141 times in the Have I Been Pwned password database, explains its origin in the Chinese Zhuyin phonetic system, and offers practical guidelines for creating stronger passwords to avoid common security pitfalls.

Have I Been Pwned · Zhuyin · common passwords
5 min read
Programmer DD
Jan 24, 2021 · Information Security

Why the Weird Password “ji32k7au4a83” Reveals Hidden Risks in Common Passwords

The article explains how a seemingly random password "ji32k7au4a83" appeared in millions of data breaches because it encodes the Chinese phrase "my password" in Zhuyin, highlights the prevalence of weak passwords like "123456", and offers practical advice for creating stronger, more secure passwords.

Have I Been Pwned · Zhuyin · common passwords
4 min read
macrozheng
Jan 7, 2021 · Information Security

How to Securely Transmit and Store User Passwords: HTTPS, Encryption, and Bcrypt

This article explains why transmitting passwords over plain HTTP is unsafe, introduces HTTPS and its TLS encryption process, compares symmetric and asymmetric encryption methods, and recommends secure password storage techniques such as salted hashing and BCrypt to protect against rainbow‑table and brute‑force attacks.

HTTPS · Hashing · bcrypt
11 min read
JD Cloud Developers
Dec 3, 2020 · Information Security

Why Weak Passwords Still Prevail and How Modern Cryptography Secures Your Data

This article explores the prevalence of weak passwords, introduces fundamental concepts of cryptography, explains symmetric encryption algorithms and their key distribution challenges, and demonstrates the Diffie‑Hellman key‑exchange process with a concrete example and a Python implementation of primitive‑root calculation.

Diffie-Hellman · cryptography · information security
9 min read
Programmer DD
Nov 26, 2020 · Information Security

What the 2020 Most Common Passwords Reveal About Your Online Security

A recent NordPass analysis of the 200 most common passwords in 2020 shows why simple strings like "123456" dominate, how millions of accounts are exposed, and offers practical advice on creating stronger, unique passwords to protect against breaches and phishing attacks.

NordPass · Password Management · common passwords
6 min read
Aikesheng Open Source Community
Nov 23, 2020 · Databases

Resolving MySQL 5.7 Login Issue Caused by the auth_socket Plugin and Exploring Its Use Cases

The article describes a puzzling MySQL 5.7 situation where any password works, investigates the cause as the auth_socket authentication plugin, provides exact SQL commands to fix the issue, and explains the plugin's security characteristics and appropriate deployment scenarios.

auth_socket · authentication plugin · database troubleshooting
5 min read
Open Source Linux
Nov 23, 2020 · Information Security

2020’s Most Common Passwords Revealed and How to Build Uncrackable Ones

A NordPass analysis of 275 million passwords uncovered the 2020 top‑200 most used passwords, highlighting why simple strings like “123456” are easily cracked and offering practical advice—including length, complexity, and unique generation techniques—to help users create far stronger, unbreakable passwords.

common passwords · information security · password best practices
5 min read
Programmer DD
Aug 30, 2020 · Information Security

Why Plaintext Passwords Are Dangerous and How to Secure Them Properly

Storing passwords in plaintext is insecure; instead, use cryptographic hash functions with proper salting, avoid simple encryption like AES, understand rainbow table attacks, and adopt modern password‑hash algorithms such as Argon2, Bcrypt or Scrypt to protect user credentials against modern threats.

Hashing · cryptographic hash · information security
13 min read
Architects Research Society
Sep 21, 2019 · Information Security

12 Best Cybersecurity Practices for 2019

This article outlines twelve essential cybersecurity practices for 2019, covering biometric authentication, tiered security policies, risk‑based approaches, regular backups, IoT security, multi‑factor authentication, password management, least‑privilege principles, privileged‑user monitoring, third‑party access control, phishing awareness, and employee training.

Data Protection · MFA · best practices
18 min read
21CTO
Sep 29, 2018 · Information Security

How Weak Default Passwords Exposed Ukraine’s Military Network

A Ukrainian journalist revealed that the armed forces' Dnipro system used default passwords like "admin" and "123456", allowing anyone to access critical network devices and potentially map and infiltrate the entire military network, highlighting severe information‑security risks.

Network Vulnerability · Ukraine · information security
4 min read
Efficient Ops
Jun 13, 2018 · Information Security

AcFun Data Breach Exposes Millions – How to Safeguard Your Account

In early June, AcFun announced a massive hack that leaked nearly ten million user records, including IDs, nicknames and encrypted passwords, urging users—especially those who haven’t logged in since July 2017 or use weak passwords—to change them immediately, while noting that the data is already being sold on the dark web.

AcFun · dark web · data breach
4 min read
Architect's Tech Stack
May 11, 2018 · Information Security

Understanding Password Encryption, Transmission, and Secure Storage

This article explains how passwords should be encrypted during transmission using symmetric and asymmetric methods such as RSA, why HTTPS is essential, how services like GitHub and Baidu handle login security, and best practices for securely storing passwords with hashing, salting, and strong algorithms like BCrypt and PBKDF2.

HTTPS · Hashing · PBKDF2
11 min read
21CTO
Aug 27, 2017 · Information Security

How to Secure User Passwords: From Weak Hashes to PBKDF2, bcrypt, and scrypt

This article examines common password‑storage techniques, explains why plain‑text, symmetric encryption, and simple hashes are insecure, and demonstrates how modern algorithms like PBKDF2, bcrypt, and scrypt, together with proper salting and iteration, can effectively protect user credentials against large‑scale cracking attacks.

Hashing · PBKDF2 · bcrypt
8 min read
DevOps
Mar 17, 2016 · Information Security

How to Create Memorable Yet Hard-to-Guess Passwords

This article shares practical techniques for generating passwords that are easy to remember but difficult for others to guess, including using initials of poems, personal info combined with app names and random numbers, and custom keyboard patterns, while emphasizing the importance of a consistent rule.

best practices · information security · memorable passwords
4 min read
ITPUB
Jan 29, 2016 · Information Security

Why Strict Password Rules Fail and How to Design Better Policies

The article critiques common mandatory password complexity rules, explains why they often reduce security and usability, and proposes simpler, more effective approaches such as longer minimum lengths, pattern restrictions, and using strength estimators like zxcvbn, illustrated with Laravel implementation examples.

Laravel · Password policy · information security
5 min read
21CTO
Dec 17, 2015 · Information Security

Can Frontend Slow Encryption Really Strengthen Password Security?

This article explores the concept of front‑end slow encryption, explaining how deliberately increasing hashing time can hinder password cracking, discussing implementation techniques, performance trade‑offs, salt handling, adaptive strength strategies, and the broader security implications for web applications.

client‑side encryption · cryptography · frontend
21 min read
21CTO
Nov 29, 2015 · Information Security

How Frontend Slow Encryption Boosts Password Security and Defends Against Data Breaches

This article explains the concept of front‑end slow encryption, why making password hashing deliberately slower improves resistance to brute‑force attacks, how to implement it with salts and variable work factors, and the trade‑offs in performance, usability, and server resource consumption.

client‑side encryption · frontend · password security
20 min read
ITPUB
Nov 23, 2015 · Information Security

Why Storing Plaintext Passwords Is Dangerous and How Salting & Hashing Protect Users

The article explains why storing plaintext passwords is insecure, describes one‑way hashing, the danger of rainbow tables, how salting and strong hash functions protect credentials, warns against multiple hashing, and outlines practical strategies—including HTTPS and server‑side salts—to secure user authentication.

Hashing · password security · rainbow tables
8 min read
Efficient Ops
Nov 17, 2015 · Information Security

Why Are MySQL Docker Containers Exposing Plaintext Passwords?

This article examines how MySQL containers run with Docker often expose root passwords in clear text through environment variables, detailing where the plaintext is stored, the security risks involved, and practical steps to mitigate the vulnerability.

DevOps · Docker · mysql
9 min read