mirror of
https://github.com/LukeHagar/website.git
synced 2025-12-08 12:57:48 +00:00
Small SEO blog fixes
This commit is contained in:
Snezhanna
@@ -1,6 +1,6 @@
|
||||
---
|
||||
layout: post
|
||||
title: Building cross platform applications with React Native
|
||||
title: How to build cross-platform applications with React Native
|
||||
description: With the launch of our new React Native SDK in open beta we want to take a deeper dive into cross platform development and when you should use it.
|
||||
date: 2024-05-05
|
||||
cover: /images/blog/react-nativecross.png
|
||||
@@ -9,11 +9,11 @@ author: damodar-lohani
|
||||
category: engineering
|
||||
---
|
||||
|
||||
Android, iOS, macOS, Linux, Windows, and the Web. Different platforms with different codebases. As a developer, you might have faced the challenge of building one application for multiple platforms. Considering the challenge of mastering all of the skills to build an application that performs well cross-platform, it’s no wonder we have seen the rise of cross platform frameworks such as React Native and Flutter. Frameworks that allow you to create applications that operate seamlessly across multiple operating systems from a single codebase. Saving time, cutting costs, and targeting a larger user base.
|
||||
Android, iOS, macOS, Linux, Windows, and the Web. Different platforms with different codebases. As a developer, you might have faced the challenge of building one application for multiple platforms. Considering the challenge of mastering all of the skills to build an application that performs well cross-platform, it’s no wonder we have seen the rise of cross platform frameworks such as React Native and Flutter. These frameworks allow you to create applications that run smoothly on multiple operating systems from a single codebase. This saves time, reduces costs, and reaches a larger user base.
|
||||
|
||||
# Why cross platform?
|
||||
# Why cross-platform?
|
||||
|
||||
Why might one choose cross platform development over developing applications for each platform? Based on the intro, it might seem logical, but let’s take a deeper look at why this is beneficial in some cases.
|
||||
Why might one choose cross-platform development over developing applications for each platform? Based on the intro, it might seem logical, but let’s take a deeper look at why this is beneficial in some cases.
|
||||
|
||||
There might be several reasons, but the most important ones are as follows:
|
||||
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
---
|
||||
layout: post
|
||||
title: Demystifying password hashing algorithms
|
||||
description: What are password hashing algorithms and how they help secure user credentials in your application.
|
||||
title: How password hashing algorithms keep your data safe
|
||||
description: Learn about password hashing algorithms and how they help secure user credentials in your application.
|
||||
date: 2023-10-20
|
||||
cover: /images/blog/password-hashing-algorithms.png
|
||||
timeToRead: 7
|
||||
@@ -9,13 +9,15 @@ author: aditya-oberai
|
||||
category: authentication, security
|
||||
---
|
||||
|
||||
In today's digital world, securing sensitive information such as passwords is of paramount importance. Password hashing algorithms play a crucial role in protecting user credentials and ensuring the integrity of authentication systems. In this blog, we will delve into the intricacies of password hashing algorithms, explore their key characteristics, and discuss some of the most widely used and secure algorithms to help you make informed decisions when implementing password storage and verification in your applications.
|
||||
In today's digital world, keeping sensitive information like passwords secure is extremely important. Password hashing algorithms are essential for protecting user credentials and ensuring authentication systems are reliable.
|
||||
|
||||
In this blog, we'll break down how password hashing algorithms work, highlight their key features, and review some of the most popular and secure algorithms. This will help you make informed choices when setting up password storage and verification in your applications.
|
||||
|
||||
## What is a password hashing algorithm?
|
||||
|
||||
**Password hashing algorithms** are specialized mathematical functions that transform plaintext passwords into unique, fixed-size outputs, known as hashes, which are then stored in databases. Through the use of techniques such as salting, adjustable work factors, and memory hardness, modern password hashing algorithms are designed to thwart attacks and keep user data secure.
|
||||
**Password hashing algorithms** are specialized mathematical functions that transform plain text passwords into unique, fixed-size outputs, known as hashes, which are then stored in databases. Through the use of techniques such as salting, adjustable work factors, and memory hardness, modern password hashing algorithms are designed to prevent attacks like rainbow tables and data breaches.
|
||||
|
||||
The mathematical process of password hashing involves applying a hash function to a combination of a password and a salt, iterating the process based on a work factor, and, in some cases, incorporating memory hardness to increase the computational complexity.
|
||||
Password hashing involves using a hash function to combine a password with a unique value called a salt. This process is repeated multiple times based on a set difficulty level. Sometimes, additional memory usage is included to make the process even more complex and secure.
|
||||
|
||||
This function would operate as follows:
|
||||
|
||||
@@ -34,7 +36,7 @@ The result is a fixed-size hash that is unique, deterministic, and resistant to
|
||||
Password hashing algorithms have certain characteristics:
|
||||
|
||||
- **One-way function**
|
||||
Password hashing algorithms should be one-way functions, making it computationally infeasible to reverse-engineer the original password from the hash output, preventing attackers from trying to retrieve user passwords from the stored hashes.
|
||||
Password hashing algorithms should be one-way functions, so it's nearly impossible to reverse-engineer the original password from the hash. This prevents attackers from getting user passwords from stored hashes.
|
||||
- **Deterministic**
|
||||
A password hashing algorithm must always produce the same hash output for a given input to ensure consistency and reliability.
|
||||
- **Fixed-size output**
|
||||
@@ -42,13 +44,13 @@ Password hashing algorithms must produce a fixed-size output (hash) regardless o
|
||||
- **Slow computation**
|
||||
Unlike general hashing algorithms, which prioritize fast computation, password hashing algorithms should be intentionally slow to compute. This characteristic makes it more time-consuming and resource-intensive for attackers to perform brute-force attacks or attempt to guess passwords using a large number of inputs.
|
||||
- **Avalanche effect**
|
||||
A small change in the input should result in a significant change in the hash output, making the new output appear uncorrelated with the old output. This property makes it difficult for attackers to predict the input based on the output or find two different inputs that produce the same output (collision). For example, the SHA-256 hash for `eight` is `c195d2d8756234367242ba7616c5c60369bc25ced2dcb5b92808d31b58ef217a`, but for `right` is `27042f4e6eca7d0b2a7ee4026df2ecfa51d3339e6d122aa099118ecd8563bad9`, despite having only one character different.
|
||||
A small change in the input should cause a big change in the hash output, making the new output look unrelated to the old one. This makes it hard for attackers to guess the input from the output or find two inputs that create the same hash (collision). For example, the SHA-256 hash for `eight` is `c195d2d8756234367242ba7616c5c60369bc25ced2dcb5b92808d31b58ef217a`, but for `right` is `27042f4e6eca7d0b2a7ee4026df2ecfa51d3339e6d122aa099118ecd8563bad9`, despite having only one different character.
|
||||
- **Pseudorandomness**
|
||||
The output of a password hashing algorithm should appear random and uniformly distributed, making it difficult for attackers to predict patterns or relationships between inputs and their corresponding hash outputs.
|
||||
The output of a password hashing algorithm should look random and evenly spread out, so attackers can't find patterns or guess relationships between the inputs and their hash outputs.
|
||||
- **Resistance to side-channel attacks**
|
||||
Password hashing algorithms should be designed to resist side-channel attacks, such as timing attacks, where an attacker attempts to gain information about the password or hash by analyzing the time taken to compute the hash.
|
||||
Password hashing algorithms should be designed to resist side-channel attacks. An example of this would timing attacks, where an attacker attempts to gain information about the password or hash by analyzing the time taken to compute the hash.
|
||||
- **Adjustable work factor**
|
||||
A good password hashing algorithm should allow for an adjustable work factor, also known as a cost factor or iteration count. This increases the algorithm's computational complexity over time as hardware capabilities improve, ensuring that the password hashing process remains secure and resource-intensive for attackers.
|
||||
A good password hashing algorithm should let you adjust the work factor, which means increasing the complexity over time as hardware gets better. This keeps the password hashing process secure and too resource-intensive for dictionary attacks.
|
||||
- **Memory hardness**
|
||||
Some modern password hashing algorithms are designed to be memory-hard, meaning that they require a significant amount of memory to compute the hash. This characteristic makes it more difficult for attackers to perform parallel attacks using specialized hardware, such as GPUs or ASICs, which have limited memory resources.
|
||||
- **Wide adoption and peer review**
|
||||
|
||||
@@ -9,32 +9,32 @@ author: aditya-oberai
|
||||
category: authentication, security
|
||||
---
|
||||
|
||||
Today, our lives are more digitally connected than ever. The internet has brought us a plethora of benefits, making day-to-day activities, such as shopping, banking, and communication, easier for society. This convenience does come at a cost, however. Every important activity we perform on the internet is associated with a digital identity, and this identity is only as secure as we make it.
|
||||
Today, we're more connected online than ever before. The internet has made things like shopping, banking, and communicating much easier. This convenience does come at a cost, however. Every important activity we perform on the internet is associated with a digital identity, and this identity is only as secure as we make it.
|
||||
|
||||
Unfortunately, as seen across multiple incidents in recent history, not everyone’s digital identity on the internet has been maintained securely. The primary culprit in these incidents, such as the [LinkedIn Data Breach](https://www.cbsnews.com/news/linkedin-2012-data-breach-hack-much-worse-than-we-thought-passwords-emails/) in 2012, the [Yahoo Data Breach](https://www.nytimes.com/2017/10/03/technology/yahoo-hack-3-billion-users.html) in 2012-13, or the [GoDaddy Data Breach](https://techcrunch.com/2021/11/22/godaddy-breach-million-accounts/) in 2021, is weak passwords.
|
||||
|
||||
As software developers, it is essential to remember that our applications’ data is only as secure as the people who use them. Identity verification carries the utmost importance here, which leads us to discuss the necessity of using passwords to secure access to data and resources in our software, or as we say in short, “password protection.” In this blog, let’s learn why strong password protection is essential and what best practices we can keep in mind while implementing the same.
|
||||
As software developers, it is essential to remember that our applications’ data is only as secure as the people who use them. Identity verification is crucial, which brings us to the importance of using passwords to keep data and resources safe in our software, or as we call it, "password protection." In this blog, let’s learn why strong password protection is essential and what best practices we can keep in mind while implementing the same.
|
||||
|
||||
## Why strong password protection is necessary to implement
|
||||
|
||||
There are numerous reasons why we as developers must implement password protection in our software:
|
||||
There are many reasons why we as developers must implement password protection in our software:
|
||||
|
||||
- **Safeguard User Data**
|
||||
Developers are responsible for protecting sensitive user information such as personal data, financial details, and other private information. Proper password protection ensures unauthorized individuals cannot access this data, helping maintain user trust and privacy.
|
||||
- **Safeguard user data.**
|
||||
Developers must protect sensitive user information like personal data and financial details. Proper password protection keeps unauthorized people from accessing their online accounts, helping maintain user trust and privacy.
|
||||
|
||||
- **Protect Application Integrity**
|
||||
Weak password protection can lead to unauthorized access, resulting in data breaches, application functionality tampering, and other malicious activities. By implementing robust password protection measures, developers can maintain the integrity of their applications and minimize the risk of cyberattacks.
|
||||
- **Protect application integrity.**
|
||||
Weak password protection can lead to unauthorized access, resulting in data and security breaches, application functionality tampering, and other malicious activities. By implementing good password protection and password management, developers can maintain the integrity of their applications and minimize the risk of cyberattacks.
|
||||
|
||||
- **Prevent Unauthorized Access**
|
||||
A strong password protection system helps prevent unauthorized users from gaining access to restricted areas of an application, such as admin panels or user accounts. This ensures that only authorized users can access and modify data, reducing the chances of data leaks and minimizing possible attack vectors.
|
||||
- **Prevent unauthorized access.**
|
||||
A strong password protection system stops unauthorized users from accessing restricted parts of an application, like admin panels or user accounts. This ensures only authorized users can access and change data, reducing the risk of data leaks and attacks.
|
||||
|
||||
- **Reduce Support and Incident Response Costs**
|
||||
A secure password protection system can reduce the number of support requests and incidents related to compromised accounts. This, in turn, reduces the time and resources spent on handling these issues, allowing developers to focus on improving the application and delivering new features.
|
||||
- **Reduce support and incident response costs.**
|
||||
A secure password protection system reduces support requests and issues from compromised accounts. This saves time and resources, letting developers focus on improving the application and adding new features.
|
||||
|
||||
- **Compliance with Regulations**
|
||||
Various data protection regulations and standards, such as GDPR, HIPAA, and PCI DSS, require developers to implement secure authentication mechanisms, including strong password protection. Failing to comply with these regulations can lead to legal penalties, fines, and reputational damage.
|
||||
- **Compliance with regulations**
|
||||
Various data protection regulations and standards, such as [GDPR](https://appwrite.io/blog/post/announcing-appwrite-is-gdpr-compliant), [HIPAA](https://appwrite.io/blog/post/what-is-hipaa-compliant), and PCI DSS, require developers to implement secure authentication mechanisms, including strong password protection. Failing to comply with these regulations can lead to legal penalties, fines, and reputational damage.
|
||||
|
||||
- **Preserve Brand Reputation**
|
||||
- **Preserve brand reputation**
|
||||
Data breaches and security incidents severely impact a company’s reputation, leading to a loss of user trust and potential financial losses. Developers can help protect their company’s brand and maintain customer confidence by implementing proper password protection measures.
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user