Brennenstuhl on Security

Exploring usable security & website authentication with a foible for data breaches, account security and pass{keys, codes, words}.


Identity & Access Management

Ethical Hacking

Software Security

Application Security

Software Engineering

2025

Bunny Shield Review: 3 Things Need Improvement

07. Jun 2025

Bunny CDN: How to redirect Root Domain to Subdomain

22. Apr 2025

2023

What is JWA? A Deep Dive into JSON Web Algorithms

08. Jun 2023

Mastering JWKS: JSON Web Key Sets Explained

02. Jun 2023

JWE Token: An In-depth Exploration into JSON Web Encryption Standards

29. May 2023

JWT vs OAuth 2.0: Understanding the Key Differences

24. May 2023

What is Whaling Cyber Awareness? Prevention Tips & Training

23. May 2023

Whaling Phishing: Definition and Prevention Strategies

18. May 2023

Step-Up Authentication: Elevating Security with OpenID Connect (OIDC)

14. May 2023

Password Attack Guide: What is Password Spraying?

11. May 2023

Passwordless: Critical Notes on FIDO2 Passkeys

08. May 2023

Passwordless Authentication: Future of Cybersecurity

07. May 2023

Long Password Support for Safer Login Systems

06. May 2023

Password Length Recommendation: The Ultimate Guide to Strong Passwords

04. May 2023

Honeytoken: Authentication Attack Breach Detection

29. Apr 2023

How to Design a Strong & Usable Password Policy

26. Apr 2023

How to: Password-Manager Friendly Login Forms

23. Apr 2023

2017

Learning AssertJ: Null ain't Blank

05. Sep 2017

The Purpose of JWT: Stateless Authentication

28. Apr 2017

On Making Spring Security OAuth RFC-compliant

01. Feb 2017

Weak Crypto, Github SAML Attack & Twitter Security UX

15. Jan 2017

2016

Single-Use JWT: Unlocking the Power of Stateless One Time Token

30. Dec 2016

AWS DynamoDB: Backup & Recovery Strategy

18. Jan 2016

2015

Evolution of a Microservice: A Git History Visualisation

21. May 2015

Abusing JSON: Why AWS CloudFormation sucks?!

21. May 2015

Python Docopt: Convert Tuple List to Dictionary

28. Apr 2015

How to Migrate SVN to GIT with History?

15. Apr 2015

How to Check Github Licenses

25. Mar 2015

AWS Monocyte: Let's Build a Cloud Immune System

18. Mar 2015
Made and hosted in the EU 🇪🇺 · Powered by Hugo & Stack