Security

End-to-end encryption isn’t enough. Learn how on-device machine learning models can silently profile you—and how to fight back.

The blog post examines how Juspay’s auto-checking of HDFC Bank’s anti-phishing ‘Secure Access ID’ could undermine user security. The author argues that this action, while not immediately dangerous, could condition users to be less vigilant against phishing attacks. The post contends that third parties like Juspay should not alter a bank’s security measures. The post also questions if HDFC’s anti-phishing measure is effective, in the first place and discusses who should be responsible in defining and mitigating a site’s threat model.

Check out xkcd’s xkpasswd. It allows you to generate very secure passphrases with various configurations. The reason we use the word passphrase and not password throughout the Cacti Vault app is because we want to push you to use as long a passphrase as possible. The US National Institute of Standards and Technology (NIST) recommends creating long passphrases that are easy to remember and difficult to crack. According to Special Publication 800–63, Digital Identity Guidelines, a best practice is to generate passphrases of about 64 characters, including spaces....