Security and Password Protection Made Easy, Simple, Cheap reasonable as long as you follow the effort vs reward formula.
place personal data only with institutions that need it.We do not keep any personally identifiable information, nor health information, nor financial information on this server - thus we are not a target. ROOT ACCESS is not currently allowed by any remote terminal or shell to this server.
PASSWORD BREAKING IS ALWAYS A MATTER OF EFFORT VERSUS REWARD.This server system for personel requires both a key and a password for access and has never been 'cracked'. Your password to your account will be hashed on your end, encrypted for transit and rehashed on the server end.
Password is never stored systems - only the algorythym result is stored.
The BEST password protection is
It would be virtually impossible for even a locally placed spyware to get your pw unless the nsa+microsoft system design uses a password box reader - pretty easy to do on their end actually since obscuring the passord in an entry box is just a matter of making the real characters look like asterisks because at some point the operating system has to know your password prior to the hashing and encryption.
Understand that to crack a password of random characters, you actually have to perform a test of every result since any evaluation of the crack attempt is not a recognizable word.
CHANGING YOUR PASSWORDIf you suspect your account was broken into, or you just want to change your password for any reason, you must click the CHANGE MY PASSORD link on the login page, then you will be offered to enter your email address, then you will receive an email with a link in the email that will ONLY THEN stop access to your account AFTER you click that link. That way, vandals cannot simply block your account with just a request.
AGAIN, you must click the link provided in the email to stop access to your account with the existing password.
AT THAT TIME you will then be offered to enter a new password which will be hashed and encrypted before transitting the internet to the server.
"Website cookies are used to save session information when a person visits a website. Popular implementations include saving shopping cart information at ecommerce websites and session data at financial websites."
"Many banking sites protect against faulty implementations by using random session data to protect individual users." http://searchsecurity.techtarget.com/news/1520252/Hacking-tool-exploits-faulty-AES-encryption-implementations?asrc=EM_USC_12547523&track=NL-105&ad=787382 RANDOM SESSION DATA. WE DO THAT. WE DO NOT USE MISCROSOFT, ASP, DOT.NET, Ruby on Rails.
references http://www.php.net/manual/en/function.pack.php http://perldoc.perl.org/perlpacktut.html http://hector.co/node/4 http://hector.co/php/bin2str.php
copyright Global Internet Hosting.com 2013