Website Security Solutions | Latest Guides | Blog

What is SHA-256? How is Hashing used?

| #Articles

Next to encryption, hashing is perhaps the most important building block of modern cryptosystems. But what is a hash? Why is it important? How can some ways of computing a hash be better than others, and what makes a particular method suitable for cryptography? What is a hash? What do we use hashes for? What makes a hash suitable for cryptographic purposes? Testing it with OpenSSL … [read more →]

What is 256-bit Encryption? How long would it take to crack?

| #Articles

It is a peculiar thing to see, but more and more commonly terms of art make their way into the mainstream media. It seems that every week a new article about a vulnerability, cyberattack, or data breach makes its way into public discourse. One phrase used to give confidence in a strong encryption scheme is “256-bit encryption”, but what does this mean? What is Encryption? What is a Key Size? H… [read more →]

DDOS Attacks: A game of cat and mouse

| #Articles

What is a DOSS Attack? How can it be prevented? How often does this sort of thing happen? How do attackers get their hands on so much bandwidth? What can I do? What is a DOSS Attack? A distributed-denial-of-service (DDOS) attack occurs when a service provider is intentionally overwhelmed at the network layer by a large volume of requests. These requests might consist of normal traffic… [read more →]

SSL/TLS and captive portals

| #Articles

What is a captive portal? Have you ever used public internet at an airport or a coffee shop? Perhaps you have to accept a terms of service before being granted access to the WIFI at your place of work? If so, chances are that you’ve used a captive portal – possibly without knowing it! Captive Portals are a legitimate means of grabbing the users attention, either to force them to accept terms of ser… [read more →]

Let's Encrypt becoming untrusted in 2021 for some

| #Articles

Let’s Encrypt is a fairly popular service offering free SSL/TLS certificates to those who are uninterested in the value-add of traditional certificate resellers. Historically, this CA has partnered with IdenTrust to provide this service as it has existed in the root stores of client machines for many years. Let’s Encrypt’s strategy was dualfold: their certificates were signed by their own CA while… [read more →]