Cryptomator is a free and open-source client-side encryption tool that can be used to encrypt files before uploading them to cloud storage services. Here are the steps to install Cryptomator: Go to the Cryptomator website. Before you install the Cryptomator program, you can install macFUSE. Please note that Cryptomator recommended macFuse for Intel and FUSE-T for Apple Silicon but I … [Read more...]
Connect New SSRS Server to Old SQL Server with TLS
This was posted just to share an experience of tackling a problem we encountered when we needed to connect an SSRS Server 2016 to an older SQL Server database (Windows Server 2008 R2) and what steps we took to troubleshoot the issue. After all the reports were migrated to the new SSRS server, upon creating a new Data Source, I got an error message something along the line to enter the user id … [Read more...]
Basic Security Practice with Password
After one client was notified that her passwords were found in a data leak and may compromise the accounts from her iPhone: Compromised... Some of your passwords have appeared in a data leak, putting those accounts at high risk of compromise. iPhone can help... It turns out, other than the password was to easy to guess, it was also due to password reuse. Of course the immediate … [Read more...]
How to Enable Secure HttpOnly Cookies in IIS
Session cookies are often seen as one of the biggest problems for security and privacy with HTTP, yet often times, it's necessary to utilize it to maintain state in modern web applications. By default, it is insecure and vulnerable to be intercepted by an authorized party. Cookies typically store session identifiers that may offer full access to an account, therefore if a cookie is intercepted, … [Read more...]
How to Setup HTTP Strict Transport Security (HSTS) on IIS
HTTP Strict-Transport-Security (HSTS) response header is used to tell browsers that the particular website should only be accessed solely over HTTPS. This is a powerful feature that is easy to implement to mitigate the risks for the communication to be intercepted by hackers and keep your website visitors safe. Enabling HTTP Strict Transport Security on IIS See the steps below to enable HSTS on … [Read more...]