|
raddevus wrote: Would you mind trying it and letting me know what you get for each site?
1) WinHost Site: Test Load Speed[^]
2) SmarterASP.net site: Test Load Speed[^] Well, I didn't get such bad results.
The first, via newlibre.com
Testing Load Speed
beginTime: Tue Apr 05 2022 15:33:57 GMT-0700 (Pacific Daylight Time)
endTime: Tue Apr 05 2022 15:34:01 GMT-0700 (Pacific Daylight Time)
3.721 seconds elapsed during load. The second, via cyapass.com
Testing Load Speed
beginTime: Tue Apr 05 2022 15:33:50 GMT-0700 (Pacific Daylight Time)
endTime: Tue Apr 05 2022 15:33:52 GMT-0700 (Pacific Daylight Time)
2.036 seconds elapsed during load.
|
|
|
|
|
Actually, I have now switched (and the DNS seems to have propagated through) to amazingly fast InterServer.net web host. I believe your test (newlibre.com) probably hit the new site ip address 162.246.23.194.
Thanks very much for trying it out.
|
|
|
|
|
1st load.
WinHost: 2.556 seconds elapsed during load.
SmarterASP: 2.812 seconds elapsed during load.
2nd load:
WinHost: 0.122 seconds elapsed during load.
SmarterASP: 0.173 seconds elapsed during load.
Near Toronto, EST.
- The index and js pages appear to be different sizes on each site (larger on the second), and the favicon was not found on the first site.
- Firefox gave me a warning about loading the newlibre site.
- Be sure to optimize your images if actually using any.
|
|
|
|
|
Thanks so much for testing. At this point I have now moved the newlibre.com site to YAH (Yet Another Host - interserver.net) and it is orders of magnitude faster.
|
|
|
|
|
I got (in order):
Under 2 seconds
About 2 seconds...
|
|
|
|
|
Yep, thanks for testing. I've now moved to InterServer.net as the main web host & it is blazing fast.
Most likely when you hit the https://newlibre.com/speedTest you hit the new one. Thanks again.
|
|
|
|
|
I just had to login to a website and my password expired (password expiry is bad practice, according to the pros).
When I tried to reset my password I got an error that my new password looked too much like the previous.
To my knowledge, they can't possibly know that unless they store it as plain text as even a single letter difference should generate a completely different hash.
Am I right to not trust these guys with my password?
Not that I really have a choice in the matter, but I'd at least give them a call about their (mal)practices...
<Realization>
I'm giving these guys my old password as part of the password renewing process...
Must be a Monday
</Realization>
|
|
|
|
|
Did they not ask you to enter the previous password before setting the new password?
If you're entering the old and new password at the same time, then it's trivial to check.
If you've entered the old one and been told that it has expired, they may be storing the old password that you entered in memory to compare to the new one. It wouldn't be great, but it doesn't necessarily mean they're storing your password insecurely.
Alternatively, they may store the salt and hash for one or more previous passwords, apply simple variations to your new password, and see if the modified password produces the same hash as a previous password.
Without seeing their code, you can't be certain that they're not doing the wrong thing; but you can't be certain that they are doing the wrong thing either.
"These people looked deep within my soul and assigned me a number based on the order in which I joined."
- Homer
|
|
|
|
|
Have +5 for Monday!
For the kind of lob apps I write, it is mandatory that the system is able to recall passwords for end users. The passwords are simply encrypted in the database. I don't believe this practice to be a security risk...besides, we aren't protecting sensitive data.
"Go forth into the source" - Neal Morse
"Hope is contagious"
|
|
|
|
|
If you can decrypt the passwords, so can the hackers. It is safer to store the hash.
If you think 'goto' is evil, try writing an Assembly program without JMP.
|
|
|
|
|
kmoorevs wrote: I don't believe this practice to be a security risk
Well, maybe not in terms of your app, but considering people aren't always careful about using different passwords across different platforms, it might be an external security risk. i.e. if user jdoe42 has password "hello world" in your app, chances are its "hello world" for his gmail, facebook, twitter, bank, yadda yadda yadda ...
Keep Calm and Carry On
|
|
|
|
|
I think recalling passwords for users is simply wrong.
It exposes a vector of attack, and if attacked, their passwords are then known.
I cannot think of a good reason to store someone's password. If they need a new one,
let them generate it via an email link, etc.
But the number of times a site has emailed me "Thanks for signing up... Remember your password is: abc123",
and I am thinking to myself...WHY? I usually go and delete the account...
Super Long passwords, and a password manager. Done.
|
|
|
|
|
Net engendered gentleman's affairs (13)
|
|
|
|
|
|
YAUT
|
|
|
|
|
Why affairs Greg ?
"Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
|
|
|
|
|
An entanglement can refer to a romantic affair.
|
|
|
|
|
Ok
Your not going to sell many books at this price
Robust Communications Software
"Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
modified 5-Apr-22 6:01am.
|
|
|
|
|
|
Are we on midday CCC ?
"Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
|
|
|
|
|
The North American colony is rebelling once again. Looks like the Canadian loyalists have captured the flag.
|
|
|
|
|
I'll take that as a yes
"Life should not be a journey to the grave with the intention of arriving safely in a pretty and well-preserved body, but rather to skid in broadside in a cloud of smoke, thoroughly used up, totally worn out, and loudly proclaiming “Wow! What a Ride!" - Hunter S Thompson - RIP
|
|
|
|
|
Stars are still out and no coffee yet. Who could be in a puzzle solving frame of mind?
|
|
|
|
|
What does the stars' visibility have to do with it?
No coffee; however...
Freedom is the freedom to say that two plus two make four. If that is granted, all else follows.
-- 6079 Smith W.
|
|
|
|
|
Canadia doesn't work to human schedules ...
@GregUtas
Where's the CCC?
"I have no idea what I did, but I'm taking full credit for it." - ThisOldTony
"Common sense is so rare these days, it should be classified as a super power" - Random T-shirt
AntiTwitter: @DalekDave is now a follower!
|
|
|
|