In-depth guides on JWT authentication, SSL certificates, DNS configuration, encryption algorithms, and security best practices. Looking for a tool? Browse the full A–Z tool index.
bcrypt has been the safe default for 25 years. Argon2 won the Password Hashing Competition. Here's how to choose between them — and why both are fine.
CIDR notation replaced classful networking 30 years ago but still trips people up. Here's how the slash works, how to count hosts, and how to spot a bad subnet.
TOTP and HOTP are the two algorithms behind nearly every 2FA app. Here's how each one works, why TOTP won, and what to do when codes stop matching.
UUID v4 has been the default for a decade. UUID v7 is time-ordered and plays much better with databases. Here's when to pick each — and how to migrate.
A CSR is the file you generate before buying an SSL certificate. Here's what's inside it, how it works, and how to decode one to verify the details are correct.
The essential OpenSSL commands for generating CSRs, inspecting certificates, converting formats, testing TLS connections with s_client, and generating keys. Copy-paste ready.
Compare MD5, SHA-1, SHA-256, and SHA-512 — output sizes, collision resistance, NIST status, speed, and when to use each. Includes a decision guide and common misconceptions.
Complete subnet mask cheat sheet — every /0 to /32 CIDR value with subnet mask, wildcard, total hosts, and usable hosts. Plus how to find and calculate subnets.
A PEM file is a Base64-encoded container for certificates, private keys, and CSRs. Learn what PEM files contain, how to read them, create them, and use them with SSH and OpenSSL.
HMAC (Hash-based Message Authentication Code) proves both data integrity and authenticity. Learn how HMAC works, how it differs from plain hashing, and how to implement it for webhooks and APIs.
Step-by-step guide to Base64 decoding on Linux, macOS, bash, and PowerShell — with examples for strings, files, and URLs.
Complete cron expression reference with examples for every common schedule — every 5 minutes, hourly, daily, weekly, monthly — plus AWS EventBridge and systemd syntax.
Learn how to convert hexadecimal to decimal step by step — with the positional notation method, worked examples, and a quick reference table for common hex values.
Learn why you're seeing "audiences in jwt are not allowed" and how to fix JWT audience validation errors in your application.
JWT and OAuth are often confused — one is a token format, the other is an authorization framework. Here's exactly how they differ and how they work together.
Clear breakdown of SAML, OAuth 2.0, and OpenID Connect — what each does, when to use each, and how they work together in enterprise SSO.
Understand SSL certificate chains — what they are, how root, intermediate, and leaf certificates work together, why chain errors happen, and how to fix them.
Practical comparison of YAML, JSON, and XML — syntax differences, performance, readability, tooling support, and which format to choose for config files, APIs, and data exchange.
A practical guide to every DNS record type — what A, AAAA, CNAME, MX, TXT, NS, SOA, PTR, and SRV records do, when to use them, and how to troubleshoot DNS issues.
A complete guide to SSL/TLS certificate file formats — what PEM, DER, PFX/P12, CER, CRT, and P7B mean, when to use each, and how to convert between them.
A deep dive into JSON Web Tokens — how they work, what the three parts mean, common vulnerabilities, and how to use JWTs securely in modern applications.