Hash Tables, Rainbow Table Attacks, and Salts
As we talked about, applications that properly handle passwords don’t actually store the passwords themselves in databases, but instead, store hashes of passwords. That’s why…
Useful IP widget for CTFs
Who can’t use more convenience? If you’re familiar with VPN profiles when it comes to CTF programs like THM and HTB, I’m sure you’ve forgotten…
Multifactor authentication (MFA) factors and attributes
Password-based authentication has been proven time and time again to be a vulnerable form of authentication. One of the best defenses is using Multifactor Authentication,…
What is Two-Factor Authentication (2FA)?
Passwords are hard. Most of us use passwords of varying length and complexity. That’s mainly to fulfill the requirements offered by every single site that…
Password managers: should you use them?
What’s the point of password managers anyway? Let’s take a look at a scenario that we’re all familiar with… The scenario: We all have this…
Encrypted versus hashed passwords. What’s the difference?
As you study for the CompTIA Security+ exam, it’s important that you understand the differences between plaintext, encrypted, and hashed passwords. It’s common to hear…
Are your passwords strong enough?
In this digital day and age, most of us know what a password is. If you’ve found this article or any other like it, you…
What to know about vulnerability scans for the Security+ exam
Regularly auditing systems for potential vulnerabilities is an important part of securing an organization’s environments, systems, and applications. One of the ways that we can…
Ultimate Study Guide for the CompTIA Security+ (SY0-601)
Preparing for certification exams can be stressful when you’re not sure what to expect or what to study. It doesn’t help when information that can…
Initialization Vector (IV) attacks with WEP
Understanding Initialization Vector (IV) attacks is important for the CompTIA Security+ exam, but it can be confusing if you’re not as familiar with cryptography concepts.…