Jump to content
Welcome, welcome! Come in and register, and have some developer coffee. 👨‍💻 ×

Hi, my name is chrono legionnaire(from fb group)


Recommended Posts

The topics that I will be putting here or share with all of you is topics about creating solutions/products that focuses on both user's privacy and security.

It will consists of certain information security knowledge and privacy knowledge on preventing the insider's or middle man from knowing what the user do or submitted to them.

I am a C# developer which uses .Net Framework, .Net Library, ASP.Net Core

The .Net Library I mainly use it for interop service, it's one of the new challenges that I have faced, I have to recreate the binding for libsodium in .Net as the old binding for libsodium in .Net was heavily deprecated. 

https://github.com/Chewhern/ASodium

  • Love 2
  • Good 1
Link to post
Share on other sites

Hi MrChew, nice to see you here.  We speak the same language, namely C#.  😬

Cryptography or encryption is an interesting topic and I particularly perform poorly in this subject (i.e. I store client's password in plain text in MySQL database from my PHP sign up / login page)

Once again, welcome our new member! 

Link to post
Share on other sites

Hi @chrono_legionnaire! Thanks for joining us. You have fascinating points that you have been thinking about. I think there's no better place to share your thoughts than with a community of like-minded individuals. Keep them coming!

Very interesting skillset as well!

Feel free to invite any of your friends and/or colleagues to this forum.

Have a nice stay!

Link to post
Share on other sites
Posted (edited)

So do I @FlierMate, I only know how the stuffs works in layman's term, but no don't do that, if you can do so, at the least use SHA generation 2 Family Algorithm (like SHA256/SHA512) with salt that generated with cryptographic RNG way. Storing it in plaintext form no.., storing it in non-salted hashed form is also no, the best was to use salted hash for password storage. If you can afford go and use "Argon2" which is the best password hashing algorithm that's available which uses stronger hash algorithm(Blake2B).

If you want to be even better use approach like Digital Signature Algorithm with challenge and respond style, this way u can't even leak passwords to begin with.  

If you really can't switch away from passwords login style.., use something called https://crypto.stackexchange.com/questions/27697/client-login-without-sending-a-password?rq=1 , this should do. This way the same applies, you can't possibly leak passwords

Edited by chrono_legionnaire
  • Like 1
Link to post
Share on other sites
On 4/26/2021 at 10:34 PM, chrono_legionnaire said:

I will be trying to shift myself away as much as I could from Facebook or WhatsApp,

Yeah, sometimes this instant messaging app is annoying. You may want to turn on Do Not Disturb at night.  I have also deactivated my Facebook, I do not quite like it.

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...