Entries Tagged ‘security’

Absolute minimum you need to know about storing passwords

In 2013 Forbes reported that approximately 30,000 sites across the globe are hacked each day. Yet, for some odd reason, in 2015, I still see web applications that employ questionable password storing mechanisms e.g. storing passwords in plain text or just hashing them with md5. With 30,000+ sites hacked a day, there is a strong […]

Microsoft cuts passwords to 16 chars

This week a big news broke out. Web mail service Hotmail apparently cut passwords to 16 character of length for years, despite allowing users to enter unlimited number of characters. According to arstechnica.com this applies to all Microsoft online services, i.e. Passport authentication. Now, this in itself is not a worry. Allowing 16 characters is […]

Security Certificate expiration in Lotus Domino on May 18th 2009

Got this e-mail from IBM Notes & Domino team todayand thought it worthy of sharing with public… What is happening The certificate for some Java applets in Lotus Domino 6.5.x, Domino 7.0.x, Domino 8.0.x, and Domino 8.5 have an expiration date of May 18, 2009. Starting May 19th, Web users will see a dialog with […]

Securing names.nsf content from the web

Database names.nsf on public servers usually contains all details about users, groups, server configurations. With R8 this content is now seen on the web by default. There are plenty of possibilities how to secure the data. The easiest one though is to check Don’t allow URL open on application properties.  As always there is a […]