Guillermo Rodas
Google Developer Expert in Web Technologies, Community Organizer, and Online Teacher.
@glrodasz
Google Developer Expert in Web Technologies
Community Organizer and Online Teacher
https://guillermorodas.com
@glrodasz
Encoding, Hashing, and Encryption
Symmetric and Asymmetric Encryption
Difference between Encryption vs Signing
Content Security Policy
Cross-site scripting (XSS)
2a identifies the bcrypt algorithm version that was used.
$vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa
$10
$2a
10 is the cost factor; 2^10 iterations of the key derivation function are used.
(which is not enough, by the way. I'd recommend a cost of 12 or more.)
vI8aWBnW3fID.ZQ4/zo1G.q1lRps.9cGLcZEiGDMVr5yUP1KUOYTa is the salt and the cipher text, concatenated and encoded in a modified Base-64.
The first 22 characters decode to a 16-byte value for the salt. The remaining characters are cipher text to be compared for authentication.
Content-Security-Policy: script-src https://apis.google.com https://platform.twitter.com; child-src https://plusone.google.com https://facebook.com https://platform.twitter.com
Content-Security-Policy: default-src 'none'; script-src https://cdn.mybank.net; style-src https://cdn.mybank.net; img-src https://cdn.mybank.net; connect-src https://api.mybank.com; child-src 'self'
Content-Security-Policy: default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'
By Guillermo Rodas
A retrospective about security in the front-end and some web security basic knowledge
Google Developer Expert in Web Technologies, Community Organizer, and Online Teacher.