Security Glossary
Clear and concise explanations of key terms related to password security.
A row (ア行)
IDS vs IPS - Intrusion Detection and Prevention
IDS monitors network traffic for suspicious activity while IPS blocks threats automatically. See how both fit into a layered network defense strategy.
IP Spoofing - Forging Source Addresses in Packets
IP spoofing fakes the sender address in network packets to bypass filters or amplify DDoS floods. Learn how ingress filtering and BCP38 counter it.
IP Blocklists - Blocking Known Malicious Sources
An IP blocklist denies access from addresses flagged as malicious. Learn how threat feeds, firewalls, and automated updates keep your list effective.
Access Control Models - RBAC, ABAC, and ACL
Access control determines who can view or modify resources. Compare role-based, attribute-based, and access control list models to pick the right fit.
Adware - Unwanted Ads and Hidden Tracking Risks
Adware forces intrusive ads onto your screen and may track browsing habits. Learn how it bundles with free software and the most effective removal steps.
Encryption Explained - Symmetric, Asymmetric, and More
Encryption transforms readable data into ciphertext only authorized parties can decode. Covers AES, RSA, and TLS to help you choose the right method.
Incident Response - A Step-by-Step Cyber Attack Plan
Incident response is the structured process of detecting, containing, and recovering from breaches. Walk through the six essential phases of an IR plan.
Air-Gapped Networks - Physical Isolation for Security
An air-gapped system has no connection to the internet or external networks. Learn when physical isolation is the right choice for critical infrastructure.
HSM - Hardware Security Modules Explained
An HSM is tamper-resistant hardware that stores and processes cryptographic keys. See how HSMs protect keys in banking, PKI, and cloud environments.
SSL/TLS - How HTTPS Encrypts Your Connection
SSL/TLS encrypts data between browser and server to prevent eavesdropping. Learn how the TLS handshake, certificates, and cipher suites keep you safe.
SQL Injection - How Attackers Exploit Databases
SQL injection inserts malicious queries through input fields to read or modify database records. Learn parameterized queries and other proven defenses.
End-to-End Encryption (E2EE) - True Message Privacy
E2EE ensures only the sender and recipient can read a message, with no middleman access. See how messaging apps implement E2EE to protect conversations.
Password Entropy - How to Measure Real Strength
Entropy quantifies password randomness in bits. Each added bit of entropy doubles the work needed to crack the password. See how length and character variety affect security.
OAuth 2.0 - Secure Delegated Authorization
OAuth lets apps access your data without sharing your password. Understand access tokens, scopes, grant types, and how they manage permissions securely.
Ka row (カ行)
Cryptographic Key Management Best Practices
Key management covers generating, storing, rotating, and destroying encryption keys. Poor key handling can undermine even the strongest cryptography.
Keyloggers - How They Steal Your Passwords
A keylogger records every keystroke to capture passwords and personal data. Learn how keyloggers spread, how to detect them, and effective countermeasures.
CAPTCHA - Telling Humans and Bots Apart
CAPTCHA challenges verify that a visitor is human, not an automated bot. Explore image, audio, and invisible CAPTCHA types that guard forms and logins.
Cyber Threat Intelligence for Proactive Defense
Threat intelligence collects and analyzes data on emerging cyber threats. Learn how actionable intel helps security teams anticipate and block attacks.
What Is Credential Stuffing?
Credential stuffing automates stolen username-password pairs against multiple sites. Discover why reusing passwords puts every account at risk.
Cross-Site Scripting (XSS) - Types and Prevention
XSS injects malicious scripts into web pages to steal cookies or redirect users. Covers stored, reflected, and DOM-based XSS with defense techniques.
Privilege Escalation - From User to Admin Access
Privilege escalation lets attackers elevate from a basic account to full admin control. Learn vertical and horizontal techniques and defenses against them.
Security Code Review - Catching Bugs Before Release
Code review catches vulnerabilities and logic errors before they reach production. Learn manual review techniques and how SAST tools automate detection.
Security Compliance - SOC 2, ISO 27001, PCI DSS
Compliance aligns security practices with laws and industry standards. Learn how SOC 2, ISO 27001, and PCI DSS frameworks are audited and maintained.
Sa row (サ行)
Principle of Least Privilege - Minimize Permissions
Least privilege grants users only the minimum access they need. Learn how it limits blast radius, prevents insider threats, and supports zero trust.
Cyber Insurance - Coverage, Costs, and Eligibility
Cyber insurance offsets costs from data breaches, ransomware, and business disruption. Learn typical coverage, common exclusions, and how to qualify.
Supply Chain Attacks - Threats in Software Delivery
Supply chain attacks inject malicious code into trusted software updates or open-source packages. Learn how these attacks unfold and how to defend against them.
Sandboxing - Isolating Untrusted Code Safely
A sandbox runs suspicious programs in an isolated environment to prevent system damage. See how sandboxing catches zero-day malware before it spreads.
CSRF - Cross-Site Request Forgery Explained
CSRF tricks your browser into sending unauthorized requests while you are logged in. Learn how anti-CSRF tokens and SameSite cookies prevent this attack.
GDPR - EU Data Protection Rules Explained
The GDPR governs how organizations collect, store, and process personal data of EU residents. Understand consent rules, data subject rights, and penalties.
CVE - How Vulnerabilities Are Identified and Tracked
CVE assigns unique IDs to publicly disclosed security flaws for tracking and prioritization. Learn how CVSS severity scores guide patching decisions.
SIEM - Centralized Security Event Monitoring
SIEM collects logs across your infrastructure, correlates events, and triggers real-time alerts. See how it powers modern threat detection and response.
Business Continuity Planning - Surviving Disruptions
A BCP ensures critical operations continue during cyberattacks or natural disasters. Learn risk assessment, backup sites, and crisis communication plans.
Dictionary Attacks - Guessing Passwords with Words
A dictionary attack tests common words, phrases, and leaked passwords to crack credentials. Learn why random passwords and lockout policies stop it.
SIM Swapping - How Attackers Hijack Phone Numbers
SIM swapping tricks your carrier into transferring your number to an attacker, bypassing SMS 2FA. Learn how to lock your mobile account and use safer MFA.
Shoulder Surfing - Preventing Visual Password Theft
Shoulder surfing is the act of watching someone enter a password or PIN in public. Privacy screens, biometric unlock, and awareness help prevent it.
Single Sign-On (SSO) - One Login for All Apps
SSO authenticates users once and grants access to multiple services seamlessly. See how SAML, OpenID Connect, and federation simplify enterprise login.
Spyware - How It Tracks You and How to Remove It
Spyware silently monitors your activity and sends personal data to third parties. Learn how it installs, the warning signs, and effective removal steps.
Spear Phishing - Targeted Email Attack Tactics
Spear phishing crafts personalized messages using researched details about a specific target. See how it differs from mass phishing and why it succeeds.
VPN Split Tunneling - Benefits and Security Trade-offs
Split tunneling routes only selected traffic through the VPN while the rest goes direct. Weigh the performance gains against the security risks involved.
Security Vulnerabilities - How Flaws Get Exploited
A vulnerability is a weakness in software or configuration that attackers can exploit. Learn how scanning, patching, and secure coding reduce exposure.
Biometric Authentication - Fingerprint, Face, Iris
Biometrics verify identity using unique physical traits such as fingerprints and facial geometry. Weigh the convenience gains against spoofing risks.
Secure Coding Practices for Developers
Secure coding prevents injection, XSS, and buffer overflows at the source. Learn OWASP Top 10 guidelines and input validation techniques for safer apps.
Security Audits - Evaluating Your Cyber Defenses
A security audit reviews controls, policies, and infrastructure for weaknesses. Learn about audit types, frameworks like ISO 27001, and remediation steps.
Security Tokens - Hardware Keys and OTP Devices
Security tokens generate one-time codes or store cryptographic keys for strong authentication. Compare hardware keys like YubiKey with software OTP apps.
Session Hijacking - How Attackers Steal Logins
Session hijacking captures cookies or tokens to impersonate authenticated users. Learn how HTTPS, secure cookies, and token rotation block this attack.
Zero-Day Exploits - Attacks Before Patches Exist
A zero-day targets a flaw unknown to the vendor, leaving no time to patch. Understand why these exploits are so dangerous and how to limit your risk.
Zero Trust Security - Never Trust, Always Verify
Zero trust treats every access request as untrusted regardless of network location. Learn the core principles, architecture, and implementation roadmap.
Social Engineering Attacks and How to Defend Yourself
Social engineering exploits human psychology rather than technical flaws. Explore pretexting, baiting, and tailgating tactics with practical defense tips.
Security Operations Center (SOC) - Roles and Tools
A SOC is a dedicated team that monitors, detects, and responds to cyber threats around the clock. Learn the key roles, essential tools, and workflows.
Password Salting - Why Hashing Alone Falls Short
A salt prepends unique random data before hashing so identical passwords yield different digests. Learn why salting defeats rainbow table attacks.
Ta row (タ行)
The Dark Web - Stolen Data and Hidden Markets
The dark web is an encrypted layer of the internet reachable only through Tor. Stolen passwords and personal data are bought and sold on its markets.
Typosquatting - Fake Domains from Misspelled URLs
Typosquatting registers domains that mimic popular sites to exploit typing mistakes. See how attackers use lookalike URLs for phishing and malware.
Defense in Depth - Layered Cybersecurity Strategy
Defense in depth stacks multiple security controls so no single failure compromises the system. See how firewalls, encryption, and monitoring combine.
Multi-Factor Authentication (MFA) - Why It Matters
MFA combines two or more verification factors - knowledge, possession, and biometrics. Learn why MFA blocks over 99 percent of automated account attacks.
Man-in-the-Middle (MITM) Attacks Explained
MITM attackers intercept communication between two parties to eavesdrop or alter data. See how TLS, VPNs, and certificate pinning prevent interception.
Encryption in Transit - Protecting Data on the Wire
Encryption in transit secures data moving across networks using TLS, VPNs, or SSH. Learn why unencrypted traffic is an easy target for eavesdropping.
DNS over HTTPS (DoH) - Encrypting DNS Queries
DoH encrypts DNS lookups inside HTTPS so ISPs and attackers cannot see which sites you visit. Learn how to enable DoH in your browser and on your router.
DNS Spoofing - Cache Poisoning and Redirection
DNS spoofing corrupts resolver caches to redirect users to malicious sites. See how DNSSEC and encrypted DNS protocols like DoH defend against poisoning.
DMZ Network Architecture and Its Security Role
A DMZ creates a buffer zone between the internet and your internal network for public-facing servers. Learn how it contains damage from compromised hosts.
TOTP - Time-Based One-Time Passwords for 2FA
TOTP generates a fresh code every 30 seconds for two-factor authentication. See how authenticator apps use TOTP to add a strong second login factor.
DDoS Attacks - How They Work and How to Mitigate
A DDoS attack overwhelms servers with traffic from thousands of sources to force outages. Learn how botnets drive these attacks and proven defense methods.
Deepfakes - Detection and Defense Strategies
Deepfakes leverage deep learning to forge realistic audio and video for fraud. Learn detection techniques and verification methods to counter them.
Disaster Recovery Planning - RTO, RPO, and Failover
A disaster recovery plan defines how to restore systems after outages or attacks. Learn how to set RTO and RPO targets and design failover strategies.
Data Classification - Organizing by Sensitivity Level
Data classification labels information by sensitivity to guide encryption, access controls, and retention. Learn common classification tiers and methods.
Data Masking - Anonymizing Sensitive Information
Data masking replaces real data with realistic fake values for safe use in testing and analytics. Compare static, dynamic, and on-the-fly techniques.
Data Breaches - Causes, Impact, and Response Steps
A data breach exposes sensitive records through hacking, misconfigurations, or insider threats. Learn the leading causes and a step-by-step response plan.
Digital Signatures - Verifying Data Authenticity
A digital signature uses public-key cryptography to prove a message is unaltered and confirm the sender. Learn how signing and verification work.
Tokenization - Replacing Sensitive Data with Tokens
Tokenization swaps credit card numbers and other sensitive data with non-reversible tokens. See how it differs from encryption and reduces PCI DSS scope.
Trojan Horse Malware - Disguised Digital Threats
A trojan poses as legitimate software to slip past defenses. Once inside, it can steal data, install backdoors, or download additional malware payloads.
Na row (ナ行)
What Is Two-Factor Authentication (2FA)?
Two-factor authentication adds a second verification layer to your login. Compare SMS codes, authenticator apps, and hardware keys for safety.
Certificate Authorities and the Chain of Trust
A certificate authority issues digital certificates that verify website identity. Understand how the chain of trust secures every HTTPS connection.
Network Segmentation - Stopping Lateral Movement
Network segmentation divides a network into isolated zones so breaches cannot spread. Explore VLANs, micro-segmentation, and zero trust network design.
Ha row (ハ行)
Bug Bounty Programs - Crowdsourced Vulnerability Discovery
Bug bounty programs reward researchers who responsibly report security flaws. Learn how leading companies structure and run successful bounty programs.
Passkeys - FIDO2 Passwordless Authentication
Passkeys replace passwords with public-key cryptography stored on your device. See which platforms support passkeys and how to enable passwordless login.
Password Spraying - Low-and-Slow Account Attacks
Password spraying tests a few common passwords across many accounts to evade lockouts. Learn detection methods and why unique passwords are your defense.
Password Policy Best Practices for 2025
A strong password policy defines minimum length, complexity, and rotation rules. Learn NIST-aligned guidelines that improve security without user friction.
How Password Managers Keep Your Accounts Safe
Password managers generate, encrypt, and auto-fill unique credentials for every login. Learn how an encrypted vault simplifies security across all devices.
Backdoors in Cybersecurity - Hidden System Access
A backdoor bypasses normal authentication to give attackers covert access. Learn how backdoors get planted in software and the best ways to detect them.
Cryptographic Hashing - Protecting Stored Passwords
A hash function converts data into a fixed-length digest that cannot be reversed. See how bcrypt, Argon2, and salting secure passwords against cracking.
Patch Management - Why Timely Updates Matter
Patch management tests and deploys software updates that fix known vulnerabilities. Most successful exploits target systems with missing patches.
Honeypots - Decoy Systems That Trap Attackers
A honeypot mimics a real system to lure attackers and study their methods. See how security teams use honeypots for early warning and threat intelligence.
PKI - Public Key Infrastructure Explained
PKI manages digital certificates and encryption keys for secure communication. Explore certificate authorities, trust chains, and key revocation processes.
Firewalls Explained - Packet Filtering to NGFW
Firewalls monitor and filter network traffic based on predefined security rules. Covers packet filtering, stateful inspection, and next-gen firewalls.
Fuzz Testing - Finding Hidden Software Vulnerabilities
Fuzzing feeds random or malformed input to software to trigger crashes and expose flaws. See how coverage-guided fuzzers find bugs that unit tests miss.
Phishing Attacks - How to Recognize and Avoid Them
Phishing tricks you with fake emails and spoofed websites to steal credentials. Learn the warning signs, real-world examples, and steps to stay protected.
VPN Explained - How It Protects Your Privacy Online
A VPN encrypts internet traffic and masks your IP address through a secure tunnel. Learn when a VPN truly protects you and how to pick the right one.
Brute Force Attacks - How They Crack Passwords
Brute force attacks try every possible combination until the correct password is found. See how password length, complexity, and rate limiting stop them.
Penetration Testing - Simulating Real-World Attacks
Pen testers simulate real attacks to uncover vulnerabilities before criminals do. Learn the testing phases, common tools, and how findings drive fixes.
Whaling Attacks - Phishing That Targets Executives
Whaling sends highly personalized phishing emails to CEOs and senior leaders. Learn why these attacks cause massive losses and how to prevent them.
Port Scanning - Network Reconnaissance Techniques
Port scanning probes a host for open ports to map running services and potential weaknesses. Learn about SYN scans, TCP connect scans, and firewall rules.
Encryption at Rest - Securing Data on Disk
Encryption at rest protects files on disks, databases, and backups from unauthorized access. Learn how AES-256 and proper key management guard stored data.
Botnets - How Infected Device Networks Operate
A botnet is a network of compromised devices controlled remotely for DDoS, spam, and theft. Explore the botnet lifecycle and how takedowns are executed.
Ma row (マ行)
Malware Types - Viruses, Trojans, Worms, and More
Malware is any software designed to damage or exploit a device. Learn to identify viruses, trojans, worms, and spyware, and how to remove them safely.
Watering Hole Attacks - Compromising Trusted Sites
A watering hole attack plants exploits on websites a target group regularly visits. Learn how attackers choose sites and how to reduce your exposure.
Ra row (ラ行)
Ransomware - How It Spreads and How to Stop It
Ransomware locks your files with encryption and demands payment for the key. Understand infection vectors, prevention strategies, and recovery options.
Rootkits - Stealthy Malware Deep in Your OS
A rootkit hides deep in the OS to maintain persistent, undetected access. Explore kernel-level and user-level rootkits and how to find them.
Rainbow Table Attacks - Cracking Hashed Passwords
Rainbow tables map precomputed hashes to plaintext for instant password lookups. See why salted hashes and modern algorithms render this attack obsolete.
Rate Limiting - Controlling API and Web Traffic
Rate limiting caps how many requests a user or IP can send in a given window. Learn how it stops brute force attacks, scraping, and API abuse.
Wa row (ワ行)
Computer Worms - Self-Spreading Network Malware
A worm replicates itself across networks without user interaction. Learn how worms exploit vulnerabilities and how segmentation limits their spread.
WAF - Web Application Firewall Protection
A WAF inspects HTTP traffic to block SQL injection, XSS, and other web attacks before they reach your app. Learn about rule sets, tuning, and deployment.