Carnifex
SasqWatch
I visited the Codex some years ago, just not to my liking. I'll hang around here until they kick me out!
Me neither. There are more than enough other places of internet to occupy my interest(s).I did not resort to visiting the, well, other place.
If you aren't already, you might consider investigating SHA-3 for secure hashing, although SHA-2 is still pretty good.
I know you didn't ask me, but I couldn't finish that review. I thought it was a load of pretentious tripe. And the Codex turns my stomach. It's just chock full of toadies so desperate to appear undenIably clever but not really having the chops. It's like 6th-grade chess club over there.
I got one too, in my spam folder…but I had accounts on all the thing listed. :/
Which one? SMS with giving away my phone number? Never. Just no. I refused to do it on Steam and I constantly click skip everywhere that's bugging me with that notoriety.I would rather like two factor authentication implemented on RPGWatch.
Which one? SMS with giving away my phone number? Never. Just no. I refused to do it on Steam and I constantly click skip everywhere that's bugging me with that notoriety.
https://www.kaspersky.com/blog/2fa-practical-guide/24219/
https://www.cnet.com/how-to/why-you-are-at-risk-if-you-use-sms-for-two-step-verification/
I'd rather leave a site or service before accepting SMS authentication.
Hash by itself is weak. You have to toss in some salt. Still if the algorithm is known it becomes weak for folks using weak passwords. Anyway there are many papers on the topic but brush up on your math. The best intercept is before the hash.
Yep. Ideally the password change page would include strength testing with an option for two-factor authentication and Captcha, then force everybody to change to the new standard.
To use Steam phone malware for authentication you need to give them your phone number.
I'm one of those troglodytes who doesn't own a mobile/cell phone, so I can't do any form of SMS !! Ah the joys of being old!!!!
No, as changing your password means you are sent an email, with a link you need to click in order to activate the change.Since the link posted here allows you to change passwords with only access to the old password… doesn't that put inactive / rarely used accounts at risk? Because they may not change their password in time?
Then we are the last two on Earth without one.