Showing posts from 2016

CSS Specificity

Many times, different CSS rules overlap on one or more elements, and some people always get confused about which rule takes higher priority than the other, and why. CSS specificity is the answer to all of these questions.
As the name suggests, the CSS rule that is more specific to the element takes higher priority than the others. This means something like "#some_id{}" will always take higher priority than the "*{}" universal selector. And if duplicate rules are defined, then the last rule is applied to the element.

The following list of selectors is ordered by increasing specificity:
1. Type selectors (e.g., div) and pseudo-elements in a selector (e.g., :after)
2. Class selectors (e.g., .some_class), attribute selectors (e.g., [type="radio"]) and pseudo-class selectors (e.g., :hover)
3. ID selectors (e.g., #some_id)


An ID selector takes higher priority than class, type and universal selectors (Note: the universal selector has no effect on specificity; see the special conditions below).



If duplicate rules are given, then last…

How to store user password at server!!!

The trick is: you should never store the user's password… never ever.


Now the real question is how to authenticate and authorize the user with a password. The answer is that when the user enters the password, we should encrypt the password and store the hints.

The next time the user enters the password, we follow the same process and compare the hints. If both hints are the same, the password matches; otherwise it is the wrong password.

The next question is what kind of hints these are, and how to generate them.
In simple terms, hints are an obfuscated and fragmented form of the user's password. The very important part is the hint generation process, which has to be collision resistant, meaning there is very little chance of finding data that generates the same hints (as with cryptographic hashing functions).

Below is a simple checklist for password hashing and storage, which you should always keep in mind.





PS
You're Probably Storing Passwords Incorrectly
Storing Passwords - done right!
"Serious Security: How to st…