non-biased-news's profile @non-biased-news

All tokens/passwords are now encrypted on Sparklabs!

That means that I had to wipe the DB, so please remake your account!

As before, first 10 people to join get verified!

Sorry about the static links for now, I need to learn my templating engine to make it better.

https://sparklabs.amorogos.repl.co/static/join.html

https://sparklabs.amorogos.repl.co/static/login.html

Oct 18, 2022, 5:20 PM
3 1 45

comments (single view)

tnix's profile @tnix Oct 19, 2022, 11:26 AM

Please don’t just encrypt your db, it does not guarantee security, good access control is better than just having it public and encrypted. Please use something like MongoDB Atlas (free 512MB cluster, no payment details required) or use some other sort of database on a self hosted server.

gosoccerboy6's profile @gosoccerboy6 Oct 19, 2022, 1:34 PM

🤓 (/s)

non-biased-news's profile @non-biased-news Oct 19, 2022, 2:05 PM

kjasdskj

cst1229's profile @cst1229 Oct 19, 2022, 1:46 PM

also, isn’t sha256 actually very insecure

non-biased-news's profile @non-biased-news Oct 19, 2022, 2:05 PM

idk, i need to salt them

tnix's profile @tnix Oct 19, 2022, 8:44 PM

You need to use a more secure algorithm like bcrypt, scrypt, or argon2

non-biased-news's profile @non-biased-news Oct 19, 2022, 8:44 PM

gonna do that

non-biased-news's profile @non-biased-news Oct 19, 2022, 8:45 PM

after I make some other stuff

tnix's profile @tnix Oct 19, 2022, 8:45 PM

sha256 is very insecure for passwords because it is way too fast, it can be brute forced pretty easily

non-biased-news's profile @non-biased-news Oct 19, 2022, 8:46 PM

oh, okay. I didn’t know that. Now I know, and knowing is half the battle.

non-biased-news's profile @non-biased-news Oct 19, 2022, 2:05 PM

nah, gonna use the server my dad owns

gosoccerboy6's profile @gosoccerboy6 Oct 19, 2022, 3:50 PM

lucky ahh mf

non-biased-news's profile @non-biased-news Oct 19, 2022, 4:07 PM

20GB VPS in Seattle

View all comments