**Join Information Security**
=================================
By clicking “Sign up”, you agree to our [terms of service](/legal/terms-of-service/public) and acknowledge you have read our [privacy policy](/legal/privacy-policy).
Sign up with Google
OR
==
Email
Password
Sign up
Already have an account? [Log in](/users/login)
**Teams**
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
[Learn more about Teams](https://stackoverflow.co/teams/)
Explore our questions
=====================
[Ask Question](/questions/ask)
[encryption](/?tags=encryption "Show questions relating to encryption")[tls](/?tags=tls "Show questions relating to tls")[authentication](/?tags=authentication "Show questions relating to authentication")[passwords](/?tags=passwords "Show questions relating to passwords")[web-application](/?tags=web-application "Show questions relating to web-application")[certificates](/?tags=certificates "Show questions relating to certificates")[network](/?tags=network "Show questions relating to network")[malware](/?tags=malware "Show questions relating to malware")[cryptography](/?tags=cryptography "Show questions relating to cryptography")[hash](/?tags=hash "Show questions relating to hash") [more tags](/tags)
[Active](?tab=active "Questions that have been asked, answered, or updated recently") [Hot](?tab=hot "Questions with the most views, most answers, and highest score over the last few days") [Week](?tab=week "Questions with the most views, most answers, and highest score this week") [Month](?tab=month "Questions with the most views, most answers, and highest score this month")
1 vote
1 answer
178 views
### [Double ARP error, mitm](/questions/265828/double-arp-error-mitm)
* [man-in-the-middle](/questions/tagged/man-in-the-middle "show questions tagged 'man-in-the-middle'")
* [arp](/questions/tagged/arp "show questions tagged 'arp'")
[
](/users/-1/community)
[Community](/users/-1/community)Bot
* 1
[modified 9 mins ago](/questions/265828/double-arp-error-mitm?lastactivity)
1 vote
0 answers
12 views
### [XSS CTF - How to execute payload inside an HTML comment (blacklisted words & encoded characters)](/questions/280823/xss-ctf-how-to-execute-payload-inside-an-html-comment-blacklisted-words-enc)
* [xss](/questions/tagged/xss "show questions tagged 'xss'")
* [html](/questions/tagged/html "show questions tagged 'html'")
* [web](/questions/tagged/web "show questions tagged 'web'")
* [reflected-xss](/questions/tagged/reflected-xss "show questions tagged 'reflected-xss'")
[
](/users/352762/drmr)
[drmr](/users/352762/drmr)
* 11
[asked 4 hours ago](/questions/280823/xss-ctf-how-to-execute-payload-inside-an-html-comment-blacklisted-words-enc)
2 votes
1 answer
709 views
### [Are CORS headers useless?](/questions/269732/are-cors-headers-useless)
* [web-browser](/questions/tagged/web-browser "show questions tagged 'web-browser'")
* [http](/questions/tagged/http "show questions tagged 'http'")
* [csrf](/questions/tagged/csrf "show questions tagged 'csrf'")
* [cors](/questions/tagged/cors "show questions tagged 'cors'")
* [header](/questions/tagged/header "show questions tagged 'header'")
[
](/users/352673/jajanken)
[jajanken](/users/352673/jajanken)
* 3
[modified 5 hours ago](/questions/269732/are-cors-headers-useless?lastactivity)
48 votes
2 answers
13k views
### [Does rebooting a phone daily increase your phone's security?](/questions/270904/does-rebooting-a-phone-daily-increase-your-phones-security)
* [mobile](/questions/tagged/mobile "show questions tagged 'mobile'")
* [attack-prevention](/questions/tagged/attack-prevention "show questions tagged 'attack-prevention'")
* [smartphone](/questions/tagged/smartphone "show questions tagged 'smartphone'")
* [boot](/questions/tagged/boot "show questions tagged 'boot'")
[
](/users/167526/italian-philosopher)
[Italian Philosopher](/users/167526/italian-philosopher)
* 403
[modified 5 hours ago](/questions/270904/does-rebooting-a-phone-daily-increase-your-phones-security?lastactivity)
0 votes
1 answer
160 views
### [Is ZipSlip possible in Java without two dots?](/questions/272733/is-zipslip-possible-in-java-without-two-dots)
* [attacks](/questions/tagged/attacks "show questions tagged 'attacks'")
* [java](/questions/tagged/java "show questions tagged 'java'")
* [zip](/questions/tagged/zip "show questions tagged 'zip'")
[
](/users/-1/community)
[Community](/users/-1/community)Bot
* 1
[modified 8 hours ago](/questions/272733/is-zipslip-possible-in-java-without-two-dots?lastactivity)
1 vote
2 answers
90 views
### [How does 2FA improve security when using one-time passwords via a mobile app?](/questions/280806/how-does-2fa-improve-security-when-using-one-time-passwords-via-a-mobile-app)
* [authentication](/questions/tagged/authentication "show questions tagged 'authentication'")
* [multi-factor](/questions/tagged/multi-factor "show questions tagged 'multi-factor'")
[
](/users/291964/ja1024)
[Ja1024](/users/291964/ja1024)
* 30.3k
[modified 10 hours ago](/questions/280806/how-does-2fa-improve-security-when-using-one-time-passwords-via-a-mobile-app?lastactivity)
1 vote
1 answer
1k views
### [DMARC and SPF are setup for my non-www domain but doesn't work for www](/questions/182182/dmarc-and-spf-are-setup-for-my-non-www-domain-but-doesnt-work-for-www)
* [email](/questions/tagged/email "show questions tagged 'email'")
* [spam](/questions/tagged/spam "show questions tagged 'spam'")
* [spf](/questions/tagged/spf "show questions tagged 'spf'")
* [dmarc](/questions/tagged/dmarc "show questions tagged 'dmarc'")
[
](/users/-1/community)
[Community](/users/-1/community)Bot
* 1
[modified 13 hours ago](/questions/182182/dmarc-and-spf-are-setup-for-my-non-www-domain-but-doesnt-work-for-www?lastactivity)
1 vote
2 answers
217 views
### [Broadcast message anonymity and untraceability](/questions/259953/broadcast-message-anonymity-and-untraceability)
* [anonymity](/questions/tagged/anonymity "show questions tagged 'anonymity'")
[
](/users/54284/thoriumbr)
[ThoriumBR](/users/54284/thoriumbr)
* 56.2k
[answered 14 hours ago](/questions/259953/broadcast-message-anonymity-and-untraceability?lastactivity)
0 votes
1 answer
547 views
### [Combining User Context in Machine-2-Machine OAuth2 Client Credential Flow](/questions/227044/combining-user-context-in-machine-2-machine-oauth2-client-credential-flow)
* [authentication](/questions/tagged/authentication "show questions tagged 'authentication'")
* [oauth](/questions/tagged/oauth "show questions tagged 'oauth'")
* [oauth2](/questions/tagged/oauth2 "show questions tagged 'oauth2'")
* [openid-connect](/questions/tagged/openid-connect "show questions tagged 'openid-connect'")
[
](/users/-1/community)
[Community](/users/-1/community)Bot
* 1
[modified 21 hours ago](/questions/227044/combining-user-context-in-machine-2-machine-oauth2-client-credential-flow?lastactivity)
1 vote
1 answer
511 views
### [How does a user get authenticated on server B if they are already authenticated on server A through OAuth2?](/questions/171747/how-does-a-user-get-authenticated-on-server-b-if-they-are-already-authenticated)
* [authentication](/questions/tagged/authentication "show questions tagged 'authentication'")
* [webserver](/questions/tagged/webserver "show questions tagged 'webserver'")
* [server](/questions/tagged/server "show questions tagged 'server'")
* [oauth2](/questions/tagged/oauth2 "show questions tagged 'oauth2'")
[
](/users/-1/community)
[Community](/users/-1/community)Bot
* 1
[modified yesterday](/questions/171747/how-does-a-user-get-authenticated-on-server-b-if-they-are-already-authenticated?lastactivity)
1 vote
1 answer
119 views
### [What's the deal with CISA adding CVE-2024-49035 (Microsoft Partner Center vulnerability) to its catalog of exploited vulnerabilities?](/questions/280774/whats-the-deal-with-cisa-adding-cve-2024-49035-microsoft-partner-center-vulner)
* [web-application](/questions/tagged/web-application "show questions tagged 'web-application'")
* [vulnerability](/questions/tagged/vulnerability "show questions tagged 'vulnerability'")
* [cve](/questions/tagged/cve "show questions tagged 'cve'")
* [microsoft](/questions/tagged/microsoft "show questions tagged 'microsoft'")
* [cisa](/questions/tagged/cisa "show questions tagged 'cisa'")
[
](/users/6253/schroeder)
[schroeder](/users/6253/schroeder)♦
* 133k
[modified yesterday](/questions/280774/whats-the-deal-with-cisa-adding-cve-2024-49035-microsoft-partner-center-vulner?lastactivity)
0 votes
2 answers
362 views
### [Is there a standard about storing the password of a bank's website bank-account-management-account in a password vault?](/questions/241594/is-there-a-standard-about-storing-the-password-of-a-banks-website-bank-account)
* [banks](/questions/tagged/banks "show questions tagged 'banks'")
* [standards](/questions/tagged/standards "show questions tagged 'standards'")
[
](/users/70738/serge-ballesta)
[Serge Ballesta](/users/70738/serge-ballesta)
* 27.1k
[answered yesterday](/questions/241594/is-there-a-standard-about-storing-the-password-of-a-banks-website-bank-account?lastactivity)
1 vote
1 answer
916 views
### [What are the security best practices for clients authenticating users with password against LDAP?](/questions/170204/what-are-the-security-best-practices-for-clients-authenticating-users-with-passw)
* [ldap](/questions/tagged/ldap "show questions tagged 'ldap'")
[
](/users/-1/community)
[Community](/users/-1/community)Bot
* 1
[modified yesterday](/questions/170204/what-are-the-security-best-practices-for-clients-authenticating-users-with-passw?lastactivity)
0 votes
1 answer
108 views
### [SHA-256: thoughts and experiment](/questions/280809/sha-256-thoughts-and-experiment)
* [passwords](/questions/tagged/passwords "show questions tagged 'passwords'")
* [sha256](/questions/tagged/sha256 "show questions tagged 'sha256'")
[
](/users/6253/schroeder)
[schroeder](/users/6253/schroeder)♦
* 133k
[modified yesterday](/questions/280809/sha-256-thoughts-and-experiment?lastactivity)
[Browse more Questions](/questions)
#### [Hot Network Questions](https://stackexchange.com/questions?tab=hot)
* [With what to replace uBlock Origin now after Google Chrome nerfed it?](https://softwarerecs.stackexchange.com/questions/92047/with-what-to-replace-ublock-origin-now-after-google-chrome-nerfed-it)
* [How would a society with no wood reliably heat itself?](https://worldbuilding.stackexchange.com/questions/265292/how-would-a-society-with-no-wood-reliably-heat-itself)
* [Using rsync to copy only files that have changed, not files that are new](https://unix.stackexchange.com/questions/792314/using-rsync-to-copy-only-files-that-have-changed-not-files-that-are-new)
* [Noobie trying to get a turbo trainer](https://bicycles.stackexchange.com/questions/96363/noobie-trying-to-get-a-turbo-trainer)
* [Biplane Identification](https://aviation.stackexchange.com/questions/108194/biplane-identification)
* [Why are the undefined terms in geometry undefined?](https://math.stackexchange.com/questions/5044921/why-are-the-undefined-terms-in-geometry-undefined)
* [MacVim does not paste when in command line mode (i.e. ":e <D-v>" would be useful); am I missing something?](https://vi.stackexchange.com/questions/46603/macvim-does-not-paste-when-in-command-line-mode-i-e-e-d-v-would-be-useful)
* [Interpreting moderation in PROCESS macro](https://stats.stackexchange.com/questions/662599/interpreting-moderation-in-process-macro)
* [Is the titan summoned by the Scroll of Titan Summoning hostile to the summoner?](https://rpg.stackexchange.com/questions/214972/is-the-titan-summoned-by-the-scroll-of-titan-summoning-hostile-to-the-summoner)
* [Emergency measures to protect a spaceship's crew from a crash landing](https://worldbuilding.stackexchange.com/questions/265228/emergency-measures-to-protect-a-spaceships-crew-from-a-crash-landing)
* [PTIJ: Why did Mordechai insist on Esther ploughing (החרש תחרישי) at such a crucial moment?](https://judaism.stackexchange.com/questions/148225/ptij-why-did-mordechai-insist-on-esther-ploughing-%d7%94%d7%97%d7%a8%d7%a9-%d7%aa%d7%97%d7%a8%d7%99%d7%a9%d7%99-at-such-a-cruci)
* [How to assign configuration to a pseudo chiral carbon?](https://chemistry.stackexchange.com/questions/187893/how-to-assign-configuration-to-a-pseudo-chiral-carbon)
* [Did Trump campaign against gay people?](https://politics.stackexchange.com/questions/90991/did-trump-campaign-against-gay-people)
* [Can I use tandem breakers to make room in a full panel with full neutral bus bars?](https://diy.stackexchange.com/questions/315818/can-i-use-tandem-breakers-to-make-room-in-a-full-panel-with-full-neutral-bus-bar)
* [Token Burn from token account](https://solana.stackexchange.com/questions/20893/token-burn-from-token-account)
* [How did the meaning of 'danger' (dangier) evolve from 'lord, master' to 'liability or exposure to harm or injury'?](https://french.stackexchange.com/questions/55654/how-did-the-meaning-of-danger-dangier-evolve-from-lord-master-to-liabili)
* [Levi-Civita Christoffel symbol in geodesic](https://physics.stackexchange.com/questions/845196/levi-civita-christoffel-symbol-in-geodesic)
* [What cultural practice did Jesus have in mind when he said that "the gates of Hades will not prevail" in Matthew 16:18?](https://hermeneutics.stackexchange.com/questions/102269/what-cultural-practice-did-jesus-have-in-mind-when-he-said-that-the-gates-of-ha)
* [How to Handle a Non-Contributing Supervisor Blocking Paper Submission?](https://academia.stackexchange.com/questions/217342/how-to-handle-a-non-contributing-supervisor-blocking-paper-submission)
* [Is it even possible to define "entity" and if so, what is the definition?](https://philosophy.stackexchange.com/questions/123440/is-it-even-possible-to-define-entity-and-if-so-what-is-the-definition)
* [Remove space before nth root](https://tex.stackexchange.com/questions/738918/remove-space-before-nth-root)
* [Why are the download sizes so much bigger than they actually are?](https://gaming.stackexchange.com/questions/411495/why-are-the-download-sizes-so-much-bigger-than-they-actually-are)
* [Why are some independent variables having huge std errors?](https://stats.stackexchange.com/questions/662601/why-are-some-independent-variables-having-huge-std-errors)
* [Why is Erdős' conjecture on arithmetic progressions not discussed much, and is there an active pathway to its resolution?](https://mathoverflow.net/questions/489375/why-is-erd%c5%91s-conjecture-on-arithmetic-progressions-not-discussed-much-and-is-t)
[Recent questions feed](/feeds "The 30 most recent questions")
Subscribe to RSS
================
Recent questions feed
To subscribe to this RSS feed, copy and paste this URL into your RSS reader.
[](#)
By clicking “Accept all cookies”, you agree Stack Exchange can store cookies on your device and disclose information in accordance with our [Cookie Policy](https://stackoverflow.com/legal/cookie-policy).
Accept all cookies Necessary cookies only
Customize settings
Cookie Consent Preference Center
--------------------------------
When you visit any of our websites, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences, or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and manage your preferences. Please note, blocking some types of cookies may impact your experience of the site and the services we are able to offer.
[Cookie Policy](https://stackoverflow.com/legal/cookie-policy)
Accept all cookies
### Manage Consent Preferences
#### Strictly Necessary Cookies
Always Active
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
Cookies Details‎
#### Performance Cookies
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Cookies Details‎
#### Functional Cookies
Functional Cookies
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
Cookies Details‎
#### Targeting Cookies
Targeting Cookies
These cookies are used to make advertising messages more relevant to you and may be set through our site by us or by our advertising partners. They may be used to build a profile of your interests and show you relevant advertising on our site or on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device.
Cookies Details‎
Back Button
### Cookie List
Search Icon
Filter Icon
Clear
checkbox label label
Apply Cancel
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label
Necessary cookies only Confirm my choices
[](https://www.onetrust.com/products/cookie-consent/)