In-depth guides on JWT authentication, SSL certificates, DNS configuration, encryption algorithms, and security best practices. Looking for a tool? Browse the full A–Z tool index.
Standard JSON does not support comments. Learn why the spec excludes them, the common workarounds like JSONC and comment keys, and how to strip comments before parsing.
A GUID is Microsoft's name for a UUID — a 128-bit unique identifier. Learn the format, the tiny differences between GUID and UUID, and where each term is used.
Hashing is one-way; encryption is reversible. Learn the difference between hashing and encryption, where encoding fits in, and when to use each — with clear examples.
Convert JSON to CSV online, with Python, or in Excel. Learn how to flatten nested JSON into clean spreadsheet columns step by step.
Convert JSON to an Excel spreadsheet using Power Query, an online converter, or CSV import. Step-by-step methods for clean, readable rows and columns.
Find your MAC address in seconds on Windows, Mac, iPhone, or Android. Step-by-step instructions for every device, plus what the address means.
Slow DNS lookups delay every website you visit. Learn how to fix slow DNS — switch to a faster resolver, flush the cache, rule out VPN/antivirus interference, and diagnose the problem with dig and nslookup.
Open a JSON file with a text editor, browser, or online viewer. Step-by-step instructions for Windows, Mac, and phones — plus the easiest way to read it formatted.
Open an XML file in a browser, text editor, or Excel — and convert it to JSON or a spreadsheet. Easy step-by-step methods for any device.
Symmetric encryption uses one shared key; asymmetric uses a public/private key pair. Learn how each works, their speed trade-offs, and why TLS and PGP use both.
When an SSL certificate expires, browsers block the site with a security warning. Learn the exact impact, how to check a certificate's expiration date, and how to prevent downtime.
A bearer token is an access token that grants access to whoever holds it. Learn how bearer tokens work in the Authorization header, how they relate to JWTs, and how to keep them safe.
A Caesar cipher shifts each letter by a fixed number of places. Learn how it works, how to encode and decode it, why ROT13 is a special case, and why it's easy to break.
A cipher is an algorithm that encrypts and decrypts data. Learn the difference between ciphers and codes, plus block, stream, symmetric, and classic cipher types.
A cron job is a task scheduled to run automatically at set times on Unix systems. Learn what cron is, where the name comes from, how the schedule syntax works, and real examples.
A digital certificate binds a public key to a verified identity using the X.509 standard. Learn what's inside a certificate, how Certificate Authorities sign them, and how to decode your own.
A hash function turns any input into a fixed-length string called a hash. Learn how hashing works, the properties of cryptographic hash functions, common algorithms like SHA-256 and MD5, and what hashing is used for.
A MAC address is a unique 48-bit hardware ID for a network device. Learn its format, how it differs from an IP address, whether it can be changed, and how to find yours.
A static IP address never changes, unlike a dynamic one assigned by DHCP. Learn the pros, cons, security considerations, and when you actually need a static IP.
A UUID is a 128-bit unique identifier written as 32 hex digits. Learn the format, what each version (v1, v4, v7) means, what UUIDs are used for, and whether they're truly unique.
An IP address is a unique number identifying a device on a network. Learn IPv4 vs IPv6, public vs private, static vs dynamic, and how to read an IP address.
An MD5 checksum is a 32-character fingerprint used to verify a file downloaded correctly. Learn how to generate, compare, and verify MD5 checksums — and when they're safe to use.
DES is a legacy 56-bit symmetric block cipher, now insecure. Learn how DES works, why it was retired, what Triple DES is, and how AES replaced it.
Epoch time counts the seconds since Jan 1, 1970 UTC. Learn what Unix timestamps are, why they start in 1970, how to convert them to a date, and the year 2038 problem.
Hashing protects passwords and verifies data integrity in cybersecurity. Learn how hashing works, why it's one-way, how salting helps, and how it differs from encryption.
MD5 is a fast 128-bit hash algorithm, but it's cryptographically broken. Learn what MD5 is, how it works, why it's insecure, and what to use instead.
OAuth 2.0 lets apps access resources on your behalf without sharing your password. Learn the roles, the authorization flow, access vs refresh tokens, and OAuth vs OIDC.
Password hashing stores passwords as irreversible hashes instead of plain text. Learn how salting works, why bcrypt and Argon2 beat SHA-256, and how passwords get cracked.
PGP encrypts emails and files using a public/private key pair. Learn how PGP works, what a PGP key is, the difference between PGP and GPG, and how to start.
SAML is an XML standard that enables single sign-on between identity providers and apps. Learn how SAML works, what a SAML assertion is, and how it compares to OAuth.
Discord timestamps render in every reader's own timezone. Here's the <t:UNIX:F> syntax, all seven format codes, and how to generate them in seconds.
JSON and YAML describe the same data two ways. Here's how to convert between them by hand, in code, and online — plus the gotchas that break round-trips.
XML and JSON model data differently, so conversion isn't 1:1. Here's how attributes, repeated elements, and text nodes map — plus code and a free converter.
YAML has no block comment and five ways to write multiline strings. Here's how comments work, when to use | vs >, and how chomping indicators control newlines.
Encrypt a file with a password using AES-256 — in the browser, with OpenSSL, 7-Zip, or GPG. Plus why key derivation matters and how to avoid the weak-password trap.
The TLS handshake negotiates encryption before any data flows. Here's each step — ClientHello to Finished — plus how TLS 1.3 cut it to one round trip.
'The "unable to get local issuer certificate" error means a missing intermediate or untrusted root. Here is what causes it and how to fix it in curl, Node, Python, Git, and Java.'
Convert a .pfx/.p12 file to PEM with OpenSSL or in your browser. Split the cert, key, and chain, handle the password, and fix the legacy-algorithm error.
How to Base64 encode and decode in Python with the base64 module — strings, bytes, files, and URL-safe variants — plus the bytes-vs-str gotcha that trips everyone.
Generate a self-signed SSL certificate with OpenSSL in one command, add Subject Alternative Names for modern browsers, and know when to use one (and when not to).
bcrypt has been the safe default for 25 years. Argon2 won the Password Hashing Competition. Here's how to choose between them — and why both are fine.
CIDR notation replaced classful networking 30 years ago but still trips people up. Here's how the slash works, how to count hosts, and how to spot a bad subnet.
TOTP and HOTP are the two algorithms behind nearly every 2FA app. Here's how each one works, why TOTP won, and what to do when codes stop matching.
UUID v4 has been the default for a decade. UUID v7 is time-ordered and plays much better with databases. Here's when to pick each — and how to migrate.
A CSR is the file you generate before buying an SSL certificate. Here's what's inside it, how it works, and how to decode one to verify the details are correct.
The essential OpenSSL commands for generating CSRs, inspecting certificates, converting formats, testing TLS connections with s_client, and generating keys. Copy-paste ready.
Compare MD5, SHA-1, SHA-256, and SHA-512 — output sizes, collision resistance, NIST status, speed, and when to use each. Includes a decision guide and common misconceptions.
Complete subnet mask cheat sheet — every /0 to /32 CIDR value with subnet mask, wildcard, total hosts, and usable hosts. Plus how to find and calculate subnets.
A PEM file is a Base64-encoded container for certificates, private keys, and CSRs. Learn what PEM files contain, how to read them, create them, and use them with SSH and OpenSSL.
HMAC (Hash-based Message Authentication Code) proves both data integrity and authenticity. Learn how HMAC works, how it differs from plain hashing, and how to implement it for webhooks and APIs.
Step-by-step guide to Base64 decoding on Linux, macOS, bash, and PowerShell — with examples for strings, files, and URLs.
Complete cron expression reference with examples for every common schedule — every 5 minutes, hourly, daily, weekly, monthly — plus AWS EventBridge and systemd syntax.
Learn how to convert hexadecimal to decimal step by step — with the positional notation method, worked examples, and a quick reference table for common hex values.
Learn why you're seeing "audiences in jwt are not allowed" and how to fix JWT audience validation errors in your application.
JWT and OAuth are often confused — one is a token format, the other is an authorization framework. Here's exactly how they differ and how they work together.
Clear breakdown of SAML, OAuth 2.0, and OpenID Connect — what each does, when to use each, and how they work together in enterprise SSO.
Understand SSL certificate chains — what they are, how root, intermediate, and leaf certificates work together, why chain errors happen, and how to fix them.
Practical comparison of YAML, JSON, and XML — syntax differences, performance, readability, tooling support, and which format to choose for config files, APIs, and data exchange.
A practical guide to every DNS record type — what A, AAAA, CNAME, MX, TXT, NS, SOA, PTR, and SRV records do, when to use them, and how to troubleshoot DNS issues.
A complete guide to SSL/TLS certificate file formats — what PEM, DER, PFX/P12, CER, CRT, and P7B mean, when to use each, and how to convert between them.
A deep dive into JSON Web Tokens — how they work, what the three parts mean, common vulnerabilities, and how to use JWTs securely in modern applications.