Snyk Security Review

By Lane Wagner We recently integrated Snyk into Qvault as a way to get more visibility into known vulnerabilities in Qvault’s code base. Snyk has already patched a critical vulnerability in lodash for us, which allowed us to continue releasing new versions before the official fix for lodash was published a few days ago. We can’t speak to whether Snyk …

https://www.scienceandtechnologyresearchnews.com/the-race-to-build-a-quantum-computer/

Is AES-256 Quantum Resistant?

By Lane Wagner With quantum computers getting more powerful every year, many worry about the safety of modern encryption standards. As quantum computers improve in performance and the number of qubits used for calculations increase, current crypto systems are under more threat of attack. What will break? Many asymmetric encryption algorithms have been mathematically proven to be broken by quantum …

Qvault Logo

Intro to Qvault

Qvault is a new opensource password manager, with an emphasis on user experience and customization options. Many who stumble upon Qvault ask, “How is this different from other password managers?” In this article we explain what sets Qvault apart. 1. Open Source Many password managers that exist today do not publish their code for the public to review and collaborate …

http://thehobbyts.com/fun-dice-games-ultimate-list/

Randomness and Entropy in Node and Electron

Randomness is a hard problem for computers. For this reason most functions that generate randomness are not considered cryptographically secure. That means that it is possible that an attacker can take a good guess at what number a non-secure randomness generator generated. How can randomness be attacked? Many non-secure randomness (or entropy) generators would do something similar to the following: …

You can’t function in 2019 without a password manager

Secrets. You have many. I don’t mean stretching the truth to a first date about interests and hobbies , or being into My Little Pony as a forty year old man. I’m talking about digital secrets. Passwords, social security numbers, pin codes, cryptocurrency keys, credit cards, and bank account numbers define our online personas and finances. Passwords Passwords and 2FA …

(Very) Basic Intro to the Scrypt Hash

This will be a basic introduction to the Scrypt hash function, or more accurately, KDF function. I will assume most of my audience is here to gain an understanding of why Scrypt is used and the basics of how it works. My goal is to explain it in a general sense, I will be omitting proofs and implementation details and …

Dual Encryption

Qvault’s dual encryption allows users to require that two keys are needed to unlock their vault. A password, and a key card. You have probably heard of two factor authentication. According to Authy: 2FA is an extra layer of security used to make sure that people trying to gain access to an online account are who they say they are. Usually the …