How to Fix Insecure Cryptographic Storage

Posted by on May 1, 2012 2 Comments

Hashing is the first step towards secure cryptographic storage of data before passing it to the database. It is advisable to make sure sensitive parameters like password, credit card information is encrypted by using hashing algorithm so that in the event of a database compromise such information is still secure.

To make the hashing stronger it’s recommended to add a Salt to the password string. Salting makes password guessing harder and improbable if the salt is large enough.

How do I implement Secure Crytographic Storage?

The following posts provide specific details for implementing secure cryptography in various programming languages and through a variety of methods.

Wireless Security: How to Enable WEP/WPA Encryption

Posted by on May 26, 2011 1 Comment

Note: This post is part of our series on “How to Secure Your Home Wireless Network“. The series contains a 10 step guide to securing your home wireless network.

All Wireless devices support some form of encryption. Encryption technology scrambles messages sent over the air and ensures that they cannot be intercepted by hackers. Several encryption technologies exist for Wireless communication today. WPA is the strongest commonly available encryption technology for home devices however WEP can also be used.

Although most routers have different methods to change the encryption settings, the general steps are as follows. Incase of difficulty, consult your Wireless Router manual or customer support.

1. Find your LAN IP Address
You can identify the LAN IP Address of your machine by going to Start -> Run and execute the command “cmd”. Inside this command prompt you can execute the command “ipconfig /all”

ipconfig /all

2. Access Your Router
Once you have the IP Address for your router, we can use this to access the router and change settings. We need to open the router’s settings page via the browser by visiting http://192.168.0.1/ (Use the IP you found in step 1 ). This will prompt you for a username and password which is usually “admin/admin”, “admin/password” (or the Password set by you in: Wireless Security: How to Change Default Administrator Usernames and Passwords). Sometimes these fields are left blank, but the best way to know is the user manual.

Router Login

3. Enable Encryption and Set a Password
Once you have logged into the router control panel, you need to look for a section such as “Wireless” or “Security” etc. Depending on the make of your router, you will find the settings for wireless encryption under one of these sections.

Here you will select a few settings to enable encryption on your router.

Selecting WPA2 Encryption

Security Mode: There are many different security modes that are available and each one provides a different level of comaptibility or security. Ideally you should chose the highest level of encryption / security that will work with all of your devices. Our first preference is WPA2 then WPA and finally WEP.

Shared Key / Passphrase / Key: This is the password that will be used by you while connecting any device to your network. Select something strong.

4. You’re Done!
Thats it, you’re router now has a encrpytion enabled to prevent any unauthorized user from being able to see your communication via sniffing or injection methods.

Now you need to reconnect all of your wireless devices to the new encrypted network and when prompted for a password, enter the password selected in Step 3.

Now we recommend that you go back to our series on “How to Secure Your Home Wireless Network” and implement all the remaining recommendations into your router.