{"componentChunkName":"component---src-templates-blog-list-template-js","path":"/98","result":{"data":{"allMarkdownRemark":{"edges":[{"node":{"excerpt":"Suppose, You have a massive amount of data and want to add them to your new product campaign. You are probably not sure that all of them…","fields":{"slug":"/engineering/eva-google-script/"},"html":"

Suppose, You have a massive amount of data and want to add them to your new product campaign. You are probably not sure that all of them belong to the right audience; some might be spam or disposable emails.

\n

Now, the actual problem is that how can I do validate so many email addresses?

\n

Well, it would be great to verify them all together in a single shot with 100% accurate results without any manual interaction.

\n

I am writing this article as so many of us have the same concern and are looking for a business email validator that can resolve this problem with high accuracy.

\n

Here we have the tool EVA (Email Verification APIs), which provides excellent email verification services with their open APIs.

\n

EVA service with Google Sheet

\n

Google allows you to create scripts using your custom functions with the service you wanted to use. You can make these functions in standard JavaScript with a basic understanding of JS. Here is the guide to start with Custom Functions in Google Sheets.

\n

Custom Function

\n

=eva(email)

\n

Eva needs the email address only from you and the rest will perform with their excellent service. You can also go through the Email Verification API (EVA) article for more details about EVA.

\n

Here is the custom function created using the EVA Services to validate email.

\n
function eva(email) {\n  var url = "https://api.eva.pingutil.com/email?email="+email;\n  var res = UrlFetchApp.fetch(url);\n\n  // Get status of the API\n  var status = res.getResponseCode();\n  if (status != 200) {\n    return false;\n  }\n  var contextText = res.getContentText();\n \n  var result = JSON.parse(contextText);\n \n // Logic to check Business Email\n  if (result["data"]["disposable"] === false && result["data"]["webmail"] === false &&  result["data"]["spam"]  === false && result["data"]["deliverable"] === true) {\n    return true\n  }\n  return false;\n}
\n

Add Script

\n

We are all set with our script and now need to add this script under Google Script Editor under tools and save it.

\n

\"Google

\n

Run Script

\n

That all! Now I need to drag this formula to the entire rows on which I want to perform validation.

\n

\"Drag\"

\n

Perfect :)

\n

Setup Trigger

\n

You can set up a trigger to action (i.e., on open, edit or change in sheet) by navigating tools -> script editor and click on the left alarm icon.

\n

\"Trigger\"

\n

Conclusion

\n

In this article, I've explained EVA services to validate email addresses in bulk using the google script editor. If you like what you read, leave a \"thank you note\" in the comment section.

\n","frontmatter":{"date":"February 22, 2021","updated_date":null,"description":"Directly checking email addresses for authenticity in the Google spreadsheet using EVA has never been easier. In this article, you will learn how to validate email addresses using EVA services in Google Sheets.","title":"How to Verify Email Addresses in Google Sheet","tags":["EVA","Google Script","Email Validation"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/532c1db0bab60ffa3eead6e63d119ff7/ee604/eva.png","srcSet":"/static/532c1db0bab60ffa3eead6e63d119ff7/69585/eva.png 200w,\n/static/532c1db0bab60ffa3eead6e63d119ff7/497c6/eva.png 400w,\n/static/532c1db0bab60ffa3eead6e63d119ff7/ee604/eva.png 800w,\n/static/532c1db0bab60ffa3eead6e63d119ff7/e6250/eva.png 1074w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Narendra Pareek","github":"pareek-narendra","avatar":null}}}},{"node":{"excerpt":"The outbreak of COVID-19 has taught the world a lot of things. In most countries, a lockdown was implemented as a precautionary measure to…","fields":{"slug":"/growth/hybrid-workforce/"},"html":"

The outbreak of COVID-19 has taught the world a lot of things. In most countries, a lockdown was implemented as a precautionary measure to prevent this disease. As a result, employees across the globe started working remotely from their homes.

\n

Now that the lockdown has ended, there is an option for the employees to come back and work in the offices. But, it is observed that most of the employees prefer working remotely, and a sense of better performance and results is also experienced among remote employees.

\n

A hybrid workforce model is the future of the remote workforce. Most companies are planning to let their employees work remotely to ensure the continuity of the increased performance.

\n

Such a workforce also ensures that employees work at the ease of being at home.

\n

What is a Hybrid Workforce Model

\n

A hybrid workforce model is an arrangement in which there are employees who work at a single central location which may be an office or warehouse, or storehouse, in coordination with another group of employees who are working remotely. There is usually a group of employees who are creating a bridge between the office and the remote work.

\n

A hybrid workforce is the future of work that makes one of the best use of human resources as the employees working remotely feel independent to work according to their will, and thus the employee productivity increases.

\n

However, it was not all that easy to get the result as employees were often distracted with their household chores. Due to this, continued work was not possible. Despite this, what made remote working a plausible option for many businesses is the initiative from the employees' end. Employees were willing to put in more work hours due to the relaxed atmosphere of their house. Furthermore, businesses could save time employees would otherwise spend commuting to and fro.

\n

The convenience that remote working brings forms the basis for adopting a hybrid workforce model in the present and future.

\n

Benefits of Hybrid Workforce

\n\n

A survey was conducted by Indeed in which 40% of the employees said that they were okay to get a pay cut in exchange for working remotely. Working from home during the pandemic had its challenges, but it also gave the independence and flexibility to the employees to work according to their will, and now, post-pandemic, the employees wish to continue working from home.

\n\n

A Harvard Business School professor, along with his fellow researchers saw the outcomes of remote working that offers flexible working arrangements at the USPTO. The study found that productivity has increased by 4.4 percent, which represented 1.3 billion dollars of addition in the U.S. economy. We can conclude from this research that company leaders and the remote workers are working in tandem, more productively.

\n\n

When the whole workforce was forced to abandon office for their homes, businesses across the globe discovered a silver lining in the situation; a hidden benefit that could increase profit margins. Employers no longer had to pay travel allowance, utility bills for the office space and discovered the increased revenue as a result of this.

\n

On the employees' end, the situation was just as beneficial. They didn't need to spend on daily office commute or invest in outside lunch. Furthermore, employees could move to a more affordable neighbourhood as they no longer needed to save money on commuting by living nearer to their office. This also means they have more of their income at hand than before.

\n

Challenges of Managing a Hybrid Workforce

\n

A survey by the Sanford Institution for Economic Policy Research (SIEPR) tells that neither every employee can work remotely nor every job is for remote work.

\n\n

There are a few things necessary for setting up a hybrid workforce model.

\n\n

Company leaders will need to understand which employees should come and which should not and also decide how to make the interaction between remotely and at-office employees.

\n\n

According to a report submitted by Spiceworks Ziff Davis, 76% of the organizations are planning to invest in long-term IT changes which will support a remote workforce. It is also important while installing the tech and software that the user experience is satisfactory.

\n

For all its benefits and implementation strategies, a hybrid workforce cannot be an option for every job because not every job can be done independently.

\n

Managing Cybersecurity in the Hybrid Workplace

\n

Everything has pros and cons, so is the case with a hybrid workforce. According to a survey by 250 IT, decision-makers and 2000 working professionals, 75% of IT leaders believe the future of the work will be a hybrid workplace, i.e. employees working remotely and in-office.

\n

There is also the security risk for organizations and employees working in hybrid work mode. They may be in the form of downloading unsafe apps, malware infection, data leakage, unauthorized access to data etc. The use of public Wi-Fi is also a reason of concern; 58% of the employees have admitted that they consider using public Wi-Fi or have already used an unprotected network source.

\n

It is important to make sure that the data is stored and processed in a way that customers' privacy and security of data are not compromised.

\n

The following is necessary to help the proper establishment of a hybrid workforce:

\n\n

Shifting Perspective on the Essence of Remote work

\n

A survey conducted by Garter Inc. of 317 CFOs and Financial leaders revealed that more than 70% remove at least 5% of their workforce to permanently remote positions post pandemic. This will not only save their workspace but also add in their overall net growth by at least 4%, as happened in the U.S.

\n

This data shows the impact of the covid-19 pandemic and the lockdown on the companies and their business module.

\n

There are many steps that need to be followed and in order to create a harmonious environment for employees working remotely and those working at the office. It becomes necessary for companies to make their employees technically educated. It is important that the non-IT companies not only get their employees trained for working remotely or, say, for hybrid workforce programmes.

\n

Companies also need to provide the employees working remotely and the HR leaders working at the office with all the necessary equipment that would not only build a hybrid workforce environment but also help employees work according to the need without any trouble that might arise due to some technical absence.

\n

Conclusion

\n

A Hybrid workforce can prove to be beneficial both for companies and the employees who would work remotely. This change was forced into action due to the covid-19 pandemic, but it'll be the future of the work. It'll lead to a great many changes. It will not only help businesses build more money, but it'll also help them lessen the workload on the employees. In a nutshell, the hybrid workforce model is a win-win for both employers and employees.

\n

\n \n \n

\n","frontmatter":{"date":"February 22, 2021","updated_date":null,"description":"A hybrid workforce model is the future of the remote workforce. Most companies are planning to let their employees work remotely to ensure the continuity of the increased performance. Employees were willing to put in more work hours due to the relaxed atmosphere of their home.","title":"Hybrid Workforce: Laying The Foundation of Remote Working","tags":null,"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/ba9616cccaf123119d50aee8f771fef3/14b42/hybrid-workforce.jpg","srcSet":"/static/ba9616cccaf123119d50aee8f771fef3/f836f/hybrid-workforce.jpg 200w,\n/static/ba9616cccaf123119d50aee8f771fef3/2244e/hybrid-workforce.jpg 400w,\n/static/ba9616cccaf123119d50aee8f771fef3/14b42/hybrid-workforce.jpg 800w,\n/static/ba9616cccaf123119d50aee8f771fef3/47498/hybrid-workforce.jpg 1200w,\n/static/ba9616cccaf123119d50aee8f771fef3/ec6c5/hybrid-workforce.jpg 1280w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}},{"node":{"excerpt":"Whenever we talk about asynchronous programming in JavaScript, there is sometimes confusion in how it can be asynchronous if it is single…","fields":{"slug":"/engineering/concurrency-vs-parallelism/"},"html":"

Whenever we talk about asynchronous programming in JavaScript, there is sometimes confusion in how it can be asynchronous if it is single-threaded. To answer this correctly, I think it's a good thing first to understand the difference between concurrency and parallelism, two terms that are commonly brought up with multithreading.

\n

Concurrency

\n

Concurrency describes independent parts of a program to run in an arbitrary order without affecting the outcome. A concurrent application can execute multiple tasks over an overlapping period. This means that while we can start new tasks before the previous one is complete, we cannot perform work on each task simultaneously.

\n

\n \n \n

\n

You can think of a concurrent execution model as a single chef preparing a meal. Any chef worth their salt can work on multiple dishes (or various parts of a dish) at once. They might chop the vegetables for their stir-fry while the rice is steamed in the rice cooker or leave the vegetables to fry in the pan while cleaning up their workspace. In this scenario, the chef can perform multiple tasks at once; however, at any given time, he is only able to work on a particular unit of work at a given time.

\n

You might point out that the chef can perform other actions in this example scenario while something like the rice is steaming, which is technically work still being done. However, the concurrency in this scenario only applies to the chef's context, who is not actively working on the rice as it is being steamed.

\n

Similarly, the JavaScript Event Loop allows your scripts (the chef) to hand off tasks like HTTP requests and timeouts to the browser Web API (rice cooker), allowing the script to execute other code portions while waiting for a response. Once the Web API task is complete, it is pushed back into the Event Loop call stack. While the Web API acts as a separate thread where it can complete certain tasks outside the main thread's scope, your actual JavaScript code is still executed on a single thread concurrently.

\n

Parallelism

\n

Parallelism describes the ability for independent parts of a program to be physically executed at the same time. A parallel application can distribute its tasks to independent processors (such as different cores or threads of a CPU) to be executed simultaneously.

\n

\n \n \n

\n

You can think of a parallel execution model as multiple chefs individually each preparing a meal. These individual chefs may be preparing their dishes in a concurrent manner (like the above) or a sequential one; either way, the result is that rather than producing a single meal, the kitchen has prepared multiple meals over a unit of time.

\n

Modern browsers allow you to program parallelly by using Web Workers. These spawn separate threads to execute JavaScript independently from the main thread.

\n

Concurrency or Parallelism which one is better?

\n

So we've established that multiple chefs can get a kitchen to produce multiple dishes in the same amount of time as a single dish from a kitchen with a single chef. Modern hardware almost always has multiple threads, so why isn't all code run in parallel? If it takes one chef 10 minutes to prepare one stir-fry and five chefs 10 minutes to prepare five stir-fries, can five chefs produce one stir-fry in 2 minutes? This is where parallel computation can get difficult.

\n

Tasks can speed up by distributing the workload onto multiple threads. However, this requires splitting up the workload in a way that can work independently and effectively. Think of how five chefs would prepare a single stir fry together:

\n\n

Similarly, on the computing side, parallel programming solutions are generally harder to implement and debug. Depending on the task, they can sometimes even perform worse than serially run counterparts due to the various costs of overhead (transferring data between threads, creating and destroying threads, synchronization of work, etc.).

\n

Conclusion

\n

To conclude this post, neither are inherently superior to the other. Both execution models are useful tools for producing efficient and reliable solutions and are used together in many cases. I hope this helps to clear up the differences between the two, or if not, at least provided a mildly entertaining analogy to illustrate each.

\n","frontmatter":{"date":"February 19, 2021","updated_date":null,"description":"Concurrence and parallelism in relation to multithreaded applications are two concepts sometimes used. The distinction between concurrency and parallelism is clarified in this tutorial.","title":"Concurrency vs Parallelism: What's the Difference?","tags":["Concurrency","Parallelism","Multithreading","JavaScript"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/c34eed6e80876a068d90b6b2d463b284/14b42/unsplash.jpg","srcSet":"/static/c34eed6e80876a068d90b6b2d463b284/f836f/unsplash.jpg 200w,\n/static/c34eed6e80876a068d90b6b2d463b284/2244e/unsplash.jpg 400w,\n/static/c34eed6e80876a068d90b6b2d463b284/14b42/unsplash.jpg 800w,\n/static/c34eed6e80876a068d90b6b2d463b284/47498/unsplash.jpg 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Nick Chim","github":"nickc95","avatar":null}}}},{"node":{"excerpt":"Today, data breaches have become a significant threat to businesses across the globe. Therefore, considering the long list of resultant…","fields":{"slug":"/identity/best-practices-business-resilience/"},"html":"

Today, data breaches have become a significant threat to businesses across the globe. Therefore, considering the long list of resultant consequences to be faced as an aftermath, it is crucial for companies to come out the other side of a breach intact.

\n

The Annual Cybercrime Report 2019 by Cybersecurity Ventures says that these data breaches can cost global businesses around $6 trillion in 2021!

\n

According to experts, implementing business resilience best practices can help companies overcome issues that come with a data breach.

\n

So, what is business resiliency? Why is it important for companies? How to implement business resiliency practices during a data breach?

\n

Read on!

\n

What are the Business Impacts of a Data Breach

\n

During a data breach, companies’ confidential data are accessed by attackers without permission. It is not only about sensitive information going out to the wrong hands. These cyber attackers can also hack your database and conduct malicious activities, costing you both money and reputation.

\n

As per Cost of a Data Breach Report 2020 by IBM, the global average total cost of a data breach in 2020 was $3.86M. If this situation continues, by 2021, a business is expected to fall victim to a ransomware attack every 11 seconds.

\n

Now let’s consider some of the negative impacts of data breaches that make companies susceptible to financial and credibility loss.

\n\n

That’s why today, businesses are more focused on building a better security culture. According to Gartner forecasts, global spending on cybersecurity is expected to reach $133.7 billion by 2022.

\n

But, how effectively companies can deal with data breaches, especially in a hyper-connected world?

\n

To handle a data breach incident and the resulting loss of revenue and trust, every company should have an incident response plan with effective threat modeling. That’s where the idea of business reliance comes into the picture.

\n

What is Business Resiliency

\n

Business resilience can be defined as a business’ ability to quickly adapt and respond to impending risks or disruptions. More like a combination of crisis management and business continuity strategies post-disaster.

\n

Why is Business Resiliency Important for an Organization

\n

Business resilience has become an essential part of the business. Why? Because it saves businesses with its potential for higher recovery.

\n

Consider the unforeseen disasters, shifting market demands, and changing regulatory terms in today’s business world. In addition to these, there will be IT disruptions, sudden competitive movements, security threats like data breaches, etc. too. In order to survive all these unpredictable disruptions, businesses should achieve resilience at all means.

\n

For example, take a look at how businesses worldwide were affected by the COVID-19 pandemic. Only those organizations with agile business resilience planning were able to adapt and survive the COVID-19 challenges successfully. By adapting quickly to shifting business priorities, they are ready for the ‘new normal’ in the business battlefield.

\n

On the other side, business resilience best practices will assure that all your business activities comply with the latest industry standards and regulations. This will, in turn, improve your reliability, brand value, and reputation, especially in front of your stakeholders and customers. The resilience plans will also act as a blueprint of all your operations, giving you a head start.

\n

This can even cultivate a resilient organizational culture. It makes the whole business, including employees, quickly adapt to unforeseen challenges whenever the business operations or processes go awry. Or under threat like a data breach.

\n

\n \n \n

\n

5 Best Practices of Implementing Business Resiliency during a Data Breach

\n

So, to overcome the after-effects of a data breach in your business, it is important to implement a business resiliency.

\n

How? We are going to see the best practices of implementing business resilience under a data breach occurrence:

\n

1. Design a strong business resilience plan

\n

Develop a reliable, self-healing, resilience easy to manage architecture. It should be designed in such a way that the business can access all its components during a data breach.

\n

A native high-availability clustering is needed. Because no matter how well you have come up with a crisis management and continuity plan, it will be of no use if it’s not available on demand.

\n

So, it should be able to deploy quickly, with high scalability and flexibility.

\n

2. Virtual Desktop Infrastructure (VDI)

\n

Business resilience usually includes detailed planning and solutions to be implemented whenever an unexpected situation occurs, like a data breach. For this, companies use data centers, backups, and server virtualization. An example of this is the VDI.

\n

VDI makes sure that all the data is stored and accessed in the data center, not on the user’s device. This will eliminate the chances of data being leaked in case the device is stolen.

\n

3. Ransomware protection

\n

According to Purplesec 85% of security service providers, ransomware is one of the most common threats for small businesses.

\n

So, for ransomware protection and recovery as a part of business resilience during a data breach, you can make use of the following practices:

\n\n

4. Personnel, training, and expertise

\n

In the event of a data breach, the employees must have the required expertise for successfully executing the business resilience plans on time.

\n

To achieve this, there is a need for cross-training sections to be conducted. Some companies often choose to outsource all their IT operations to third-party service providers or consultants.

\n

But it is also important to have a good plan for survival, in case experts and trained personnel too are affected by the data breach disaster.

\n

5. Creating a Disaster Recovery (DR) plan

\n

During data breaches, businesses should come up with a plan to put the affected critical business systems back online as quickly as possible. This is important to avoid further damages.

\n

One of the best practices is to launch a secondary site as a stand-in for the primary data center.

\n

This Disaster Recovery (DR) site should have the following attributes:

\n\n

When a DR site is launched, the networking connectivity must be restored with the aid of IP address redirects or gateways. This way, the users can reconnect without changing their default settings. And it will be easier in the future to redirect them back to the primary data center when it is recovered.

\n

Conclusion

\n

A standard business resilience plan in the need of the hour. A recent study shows that the number of data breaches in 2020 almost doubled compared to that in 2019. The average total cost of data breaches in 2020 was $3.86 million. And it is expected to increase in the coming future too.

\n

So, it is important to implement fail-proof business resilience practices in your business to survive unexpected data breaches.

\n

\n \n \n

\n","frontmatter":{"date":"February 18, 2021","updated_date":null,"description":"Business resilience can be defined as a business’ ability to quickly adapt and respond to impending risks or disruptions. More like a combination of crisis management and business continuity strategies post-disaster.","title":"5 Best Practices of Implementing Business Resilience during a Data Breach","tags":["data security","resiliency","cx"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.6666666666666667,"src":"/static/f8f90d1304e6635ec63f053831227e9f/14b42/business-resilience.jpg","srcSet":"/static/f8f90d1304e6635ec63f053831227e9f/f836f/business-resilience.jpg 200w,\n/static/f8f90d1304e6635ec63f053831227e9f/2244e/business-resilience.jpg 400w,\n/static/f8f90d1304e6635ec63f053831227e9f/14b42/business-resilience.jpg 800w,\n/static/f8f90d1304e6635ec63f053831227e9f/16310/business-resilience.jpg 1024w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}},{"node":{"excerpt":"Git is an important part of daily programming and is commonly used in the software industry. Since you can use a lot of different commands…","fields":{"slug":"/engineering/git-commands/"},"html":"

Git is an important part of daily programming and is commonly used in the software industry. Since you can use a lot of different commands, mastering Git needs time. But some commands are more commonly used. So I'm going to share the most useful Git commands in this post that every developer should know.

\n

But first you need to know the fundamentals of Git to understand this article.

\n

Useful Git Commands List

\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
CommandDescription
git initInitialize a local Git repository
git clone repo_urlClone public repository
git clone ssh://git@github.com/[username]/[repository-name].gitClone private repository
git statusCheck status
git add [file-name]Add a file to the staging area
git add -AAdd all new and changed files to the staging area
git commit -m \"[commit message]\"Commit changes
git rm -r [file-name.txt]Remove a file (or folder)
git branchList of branches (the asterisk denotes the current branch)
git branch -aList all branches (local and remote)
git branch [branch name]Create a new branch
git branch -d [branch name]Delete a branch
git branch -D [branch name]Delete a branch forcefully
git push origin --delete [branch name]Delete a remote branch
git checkout -b [branch name]Create a new branch and switch to it
git checkout -b [branch name] origin/[branch name]Clone a remote branch and switch to it
git branch -m [old branch name] [new branch name]Rename a local branch
git checkout [branch name]Switch to a branch
git checkout -Switch to the branch last checked out
git checkout -- [file-name.txt]Discard changes to a file
git merge [branch name]Merge a branch into the active branch
git merge [source branch] [target branch]Merge a branch into a target branch
git stashStash changes in a dirty working directory
git stash clearRemove all stashed entries
git push origin [branch name]Push a branch to your remote repository
git push -u origin [branch name]Push changes to remote repository (and remember the branch)
git pushPush changes to remote repository (remembered branch)
git push origin --delete [branch name]Delete a remote branch
git pullUpdate local repository to the newest commit
git pull origin [branch name]Pull changes from remote repository
git remote add origin ssh://git@github.com/[username]/[repository-name].gitAdd a remote repository
git remote set-url origin ssh://git@github.com/[username]/[repository-name].gitSet a repository's origin branch to SSH
git logView changes
git log --summaryView changes (detailed)
git log --onelineView changes (briefly)
git diff [source branch] [target branch]Preview changes before merging
git revert commitidRevert commit changes
git config --global user.name \"your_username\"Set globally Username
git config --global user.email \"your_email_address@example.com\"Set globally Email id
git config --global --listGet global config
\n

So these are the most helpful git commands I find in my everyday programming. There are several more things to learn about Git, I will explain them in a separate post.

\n","frontmatter":{"date":"February 17, 2021","updated_date":null,"description":"In this article, I will talk about the Git Commands that you will be using often when you are working with Git.","title":"35+ Git Commands List Every Programmer Should Know","tags":["GIT"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/dcc4ef7c6f6e2161d168898cf518845d/ee604/git.png","srcSet":"/static/dcc4ef7c6f6e2161d168898cf518845d/69585/git.png 200w,\n/static/dcc4ef7c6f6e2161d168898cf518845d/497c6/git.png 400w,\n/static/dcc4ef7c6f6e2161d168898cf518845d/ee604/git.png 800w,\n/static/dcc4ef7c6f6e2161d168898cf518845d/f3583/git.png 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Abhimanyu Singh Rathore","github":"abhir9","avatar":null}}}},{"node":{"excerpt":"Introduction No matter what online platforms or applications you use, you are never fully protected against cyberattacks. Statistics provide…","fields":{"slug":"/identity/what-is-broken-authentication/"},"html":"

Introduction

\n

No matter what online platforms or applications you use, you are never fully protected against cyberattacks.

\n

Statistics provide testimony to this fact as the number of data breaches rose by 37% in 2020 compared to 2019, and the trend is only increasing.

\n

The first step to protect your organization against such attacks is to have a comprehensive understanding of the issue.

\n

Let us begin by figuring out what is broken authentication.

\n

Very simply put, when the hacker gains access into the system admin's account by using the online platform's vulnerabilities, particularly in two areas: credential management and session management, it's referred to as broken authentication.

\n

Authentication protects a consumer's identity by allowing only a verified user to enter into the system. But there are numerous ways through which the hacker impersonates the consumer and enters inside the system.

\n

The weaknesses inherent in the system, as mentioned above, can be divided into two different groups, namely poor credential management and poor session management.

\n

What is Broken Authentication and Session Management?

\n

Broken Authentication and Session Management is a security vulnerability that occurs when the authentication and session management mechanisms of a web application are flawed or improperly implemented.

\n

Authentication refers to the process of verifying the identity of users, typically through usernames and passwords, while session management involves maintaining and controlling the user's session after authentication.

\n

When these mechanisms are compromised or misconfigured, attackers can exploit the vulnerabilities to gain unauthorized access to user accounts, impersonate other users, or hijack sessions. This can lead to severe security breaches and expose sensitive user information.

\n

What are the Risks of Broken Authentication?

\n

The risks associated with broken authentication are profound and can have detrimental effects on individuals and organizations:

\n

Unauthorized Access to Sensitive Information

\n

When attackers exploit broken authentication vulnerabilities, they can gain access to sensitive data such as personal information, financial details, or intellectual property. This unauthorized access can lead to data breaches and privacy violations.

\n

Manipulation or Deletion of User Data

\n

Once inside the system, attackers can manipulate or delete user data, causing disruptions to services, loss of important information, and potential legal ramifications.

\n

Impersonation of Legitimate Users

\n

By hijacking user sessions or impersonating legitimate users, attackers can carry out fraudulent activities on behalf of the compromised accounts. This could include fraudulent transactions, spreading misinformation, or performing actions that tarnish the reputation of the affected individuals or organizations.

\n

Escalation of Privileges

\n

If the compromised account belongs to an administrator or privileged user, attackers can escalate their privileges within the application. This can lead to complete system compromise and greater control over critical functions.

\n\n

The aftermath of a broken authentication attack can result in financial losses for businesses, especially if customer trust is compromised. Moreover, organizations may face legal consequences for failing to protect user data adequately.

\n

How to Prevent Broken Authentication?

\n

Preventing broken authentication requires a multifaceted approach that addresses vulnerabilities at various stages of the authentication and session management processes. Here are some effective strategies:

\n

1. Implement Multi-Factor Authentication (MFA)

\n\n

2. Enforce Strong Password Policies

\n\n

3. Limit Failed Login Attempts

\n\n

4. Secure Session Management

\n\n

5. Secure Credential Management

\n\n

6. Regular Security Audits and Updates

\n\n

What are Some Examples of Broken Authentication Vulnerability?

\n

There are several examples of broken authentication vulnerability that highlight the potential risks. One common example is weak or easily guessable passwords, such as \"123456\" or \"password,\" which can be exploited by attackers.

\n

Another example is the lack of proper session expiration, where user sessions remain active even after a user logs out, allowing an attacker to reuse the session and gain unauthorized access.

\n

Additionally, if an application does not implement measures to prevent brute-force attacks, attackers can repeatedly guess usernames and passwords until they find a valid combination. Inadequate protection against account lockouts, session hijacking, or session fixation are also examples of broken authentication vulnerabilities.

\n

What Scenarios Can Cause Broken Authentication?

\n

As mentioned earlier, the primary reasons for broken authentication. Let’s understand them one by one.

\n

1. Poor credential management

\n

Consumer credentials can be hijacked to gain access to the system. There are various ways that the hacker can steal critical information, such as the following:

\n\n

2. Poor session management

\n

Let’s assume you like playing online games. You log in to the application and make several interactions with the network.

\n

The application issues a session ID whenever you log in and records all your interactions. It is through this ID that the application communicates with you and responds to all your requests.

\n

The OWASP broken authentication recommendations state that this session ID is equivalent to your original login credentials. If hackers steal your session ID, they can sign in by impersonating your identity. This is known as session hijacking.

\n

The following points list the scenarios that can cause broken authentication.

\n\n

What is the Impact of Broken Authentication and Session Management?

\n

If a hacker successfully logs in by stealing your credentials using any of the above mentioned broken authentication techniques, they can misuse your privileges and impact your company's sustainability.

\n

Cybercriminals can have various intentions of hijacking your web application, such as:

\n\n

In short, hackers can use broken authentication attacks and session hijacking to gain access to the system by forging session data, such as cookies, and stealing login credentials.

\n

Thus, it would be best if you never compromised with your web applications' security.

\n

A Few Examples of Broken Authentication

\n

Here are a few examples of broken authentication.

\n

Example 1: Credential Stuffing

\n

Suppose you run a departmental store and sell groceries. To grow your business rapidly, you implement a CRM system that stores critical customer data, such as name, phone number, username, and password.

\n

Hackers make their way inside the CRM system and steal all the data. They then use the same credentials — usernames and passwords — to hack into the central bank's database.

\n

In this case, hackers are trying to successfully log in to the central bank's database by hoping that a handful of consumers must be using the same credentials at both places. Such kinds of broken authentication attacks are called credential stuffing.

\n

Example 2: Application session timeouts aren't set properly.

\n

Suppose you go to a cyber cafe and login your Gmail account. After sending the email, you close the browser tab and return home.

\n

Sometime later, the hacker opens your Gmail account and gains access to your crucial information. It happens because your credentials — username and password — haven't been invalidated adequately during logout.

\n

Thus, if the application session timeouts aren't set properly, hackers can execute a broken authentication attack.

\n

\n \n \n

\n

Example 3: Passwords are not properly hashed and salted.

\n

Look at the names and their hashes in the following table:

\n\n \n \n \n \n \n \n \n \n \n \n \n \n
Alice\n 4420d1918bbcf7686defdf9560bb5087d20076de5f77b7cb4c3b40bf46ec428b\n
Bob\n 4420d1918bbcf7686defdf9560bb5087d20076de5f77b7cb4c3b40bf46ec428b\n
Mike\n 77b177de23f81d37b5b4495046b227befa4546db63cfe6fe541fc4c3cd216eb9\n
\n

The hash function stores passwords in the form of a hash instead of plain text, which humans can easily read. But if two different users enter the same password, then their hashes will be exactly the same.

\n

Hackers can perform a dictionary attack and if they crack one password, they can use the same password for gaining access to other accounts that use the same hash.

\n

To prevent this from happening, you must salt the passwords. A salt is a random value that is either appended or prepended to the password and makes it unique. So even if two different users use the same password, their hashes will not be the same.

\n

How to Prevent Broken Authentication?

\n

The following are the ways of preventing broken authentication attacks:

\n
    \n
  1. Implement multi-factor authentication (MFA) to verify the consumer's identity. Examples include One-Time Password (OTP) messaged or emailed to the user. This step will prevent brute force attacks, credential stuffing, and stolen credential reuse attacks.
    2. \n
  2. Use weak-password checks by forcing users to include a mix of small letters, capital letters, alphanumeric symbols, and special characters while creating passwords. It would be best to follow NIST 800-63 B's guidelines in section 5.1.1 for memorized secrets.
    3. \n
  3. Place a limit on failed login attempts to 3 or a maximum of 5. Alert the system admin if you detect an attack — brute force, credential stuffing, or any other attack.
    4. \n
  4. Ensure that credential recovery, registration, and API pathways are not vulnerable to account enumeration attacks by using the same message for each outcome.
    5. \n
  5. Generating new random session IDs with high entropy after login protects against hackers. Remember, those session IDs should not be present in the URL and invalidated after logout.
    6. \n
\n

Impact of Broken Authentication

\n

The impact of broken authentication can be severe and far-reaching. When attackers successfully exploit these vulnerabilities, they can gain unauthorized access to user accounts, leading to various consequences.

\n

This may include unauthorized access to sensitive information, such as personal data, financial details, or intellectual property. Attackers can also manipulate or delete user data, impersonate legitimate users, perform fraudulent transactions, or even escalate their privileges within the application.

\n

Furthermore, if the compromised account belongs to an administrator or privileged user, the impact can be even more significant, potentially compromising the entire system or network. Broken authentication vulnerabilities can tarnish an organization's reputation, result in financial losses, and expose users to identity theft and other cybercrimes.

\n

How LoginRadius Protects Against Broken Authentication?

\n

LoginRadius has been at the forefront of offering a multilevel security web app environment. Here is how LoginRadius applications protect against broken authentication:

\n\n

Conclusion

\n

Apart from the steps mentioned in this article, it's essential to train and educate your employees about broken authentication attacks. It would be best if you also employed top-notch cybersecurity measures to protect your company's database from session hijacking, credential stuffing, and other broken authentication attacks.

\n

FAQs

\n

1. What are the solutions for broken authentication?

\n

Solutions include implementing Multi-Factor Authentication (MFA), enforcing strong password policies, limiting failed login attempts, securing session management, and regular security audits.

\n

2. What is broken access authentication?

\n

Broken access authentication refers to vulnerabilities in the authentication process that allow unauthorized access to user accounts, often due to flawed or improperly implemented authentication mechanisms.

\n

3. What can prevent authentication failures?

\n

Preventative measures include MFA implementation, enforcing strong password policies, limiting failed login attempts, securing session management, and using secure hashing algorithms.

\n

4. What is a broken authentication guessable password?

\n

It refers to weak or easily guessed passwords like \"123456\" or \"password,\" which are vulnerable to exploitation by attackers, leading to compromised accounts.

\n

5. What are the risks of broken authentication?

\n

Risks include unauthorized access to sensitive data, manipulation or deletion of user data, impersonation of legitimate users, escalation of privileges, financial losses, and legal consequences.

\n

6. What are the effects of broken authentication attacks?

\n

Effects include data breaches, privacy violations, fraudulent activities on compromised accounts, tarnished reputation for individuals or organizations, financial losses, and potential legal ramifications.

\n

\n \n \n

\n","frontmatter":{"date":"February 17, 2021","updated_date":null,"description":"If a hacker successfully logs with stolen credentials, they can misuse your privileges and impact your company's sustainability. Authentication protects a consumer's identity by allowing only a verified user to enter into the system. But there are numerous ways through which a hacker can impersonate consumers and enter inside the system.","title":"What is Broken Authentication Vulnerability and How to Prevent It?","tags":["broken authentication","mfa","data security"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/0005ff61c9196311b738904dc2cef6f2/33aa5/broken-auth.jpg","srcSet":"/static/0005ff61c9196311b738904dc2cef6f2/f836f/broken-auth.jpg 200w,\n/static/0005ff61c9196311b738904dc2cef6f2/2244e/broken-auth.jpg 400w,\n/static/0005ff61c9196311b738904dc2cef6f2/33aa5/broken-auth.jpg 768w","sizes":"(max-width: 768px) 100vw, 768px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}}]},"markdownRemark":{"excerpt":"Identity is evolving, and developers are at the forefront of this transformation. Every day brings a new learning—adapting to new standards…","fields":{"slug":"/identity/developer-first-identity-provider-loginradius/"},"html":"

Identity is evolving, and developers are at the forefront of this transformation. Every day brings a new learning—adapting to new standards and refining approaches to building secure, seamless experiences.

\n

We’re here to support developers on that journey. We know how important simplicity, efficiency, and well-structured documentation are when working with identity and access management solutions. That’s why we’ve redesigned the LoginRadius website—to be faster, more intuitive, and developer-first in every way.

\n

The goal? Having them spend less time searching and more time building.

\n

What’s New and Improved on the LoginRadius Website?

\n

LoginRadius’ vision is to give developers a product that simplifies identity management so they can focus on building, deploying, and scaling their applications. To enhance this experience, we’ve spent the last few months redesigning our interface— making navigation more intuitive and reassuring that essential resources are easily accessible.

\n

Here’s a closer look at what’s new and why it’s important:

\n

A Developer-Friendly Dark Theme

\n

\"This

\n

Developers spend long hours working in dark-themed IDEs and terminals, so we’ve designed the LoginRadius experience to be developer-friendly and align with that preference.

\n

The new dark mode reduces eye strain, enhances readability, and provides a seamless transition between a coding environment and our platform. Our new design features a clean, modern aesthetic with a consistent color scheme and Barlow typography, ensuring better readability. High-quality graphics and icons are thoughtfully placed to enhance the content without adding visual clutter.

\n

So, whether you’re navigating our API docs or configuring authentication into your system, our improved interface will make those extended development hours more comfortable and efficient.

\n

Clear Categorization for LoginRadius Capabilities

\n

\"This

\n

We’ve restructured our website to provide a straightforward breakdown of our customer identity and access management platform capabilities, helping you quickly find what you need:

\n\n

This structured layout ensures you can quickly understand each capability and how it integrates into your identity ecosystem.

\n

Developer-First Navigation

\n

\"This

\n

We’ve been analyzing developer workflows to identify how you access key resources. That’s why we redesigned our navigation with one goal in mind: to reduce clicks and make essential resources readily available.

\n

The new LoginRadius structure puts APIs, SDKs, and integration guides right at the menu bar under the Developers dropdown so you can get started faster. Our Products, Solutions, and Customer Services are also clearly categorized, helping development teams quickly find the right tools and make informed decisions.

\n

Quick Understanding of Integration Benefits

\n

\"This

\n

Developers now have a clear view of the tech stack available with LoginRadius, designed to support diverse business needs.

\n

Our platform offers pre-built SDKs for Node.js, Python, Java, and more, making CIAM integration seamless across popular programming languages and frameworks.

\n

Over to You Now!

\n

Check out our revamped LoginRadius website and see how the improved experience makes it easier to build, scale, and secure your applications.

\n

Do not forget to explore the improved navigation and API documentation, and get started with our free trial today. We’re excited to see what you’ll build with LoginRadius!

\n","frontmatter":{"date":"February 21, 2025","updated_date":null,"description":"LoginRadius’ vision is to give developers a product that simplifies identity management so they can focus on building, deploying, and scaling their applications. To enhance this experience, we’ve redesigned our website interface, making navigation more intuitive and reassuring that essential resources are easily accessible.","title":"Revamped & Ready: Introducing the New Developer-First LoginRadius Website","tags":["Developer tools","API","Identity Management","User Authentication"],"pinned":true,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7857142857142858,"src":"/static/80b4e4fbe176a10a327d273504607f32/58556/hero-section.webp","srcSet":"/static/80b4e4fbe176a10a327d273504607f32/61e93/hero-section.webp 200w,\n/static/80b4e4fbe176a10a327d273504607f32/1f5c5/hero-section.webp 400w,\n/static/80b4e4fbe176a10a327d273504607f32/58556/hero-section.webp 800w,\n/static/80b4e4fbe176a10a327d273504607f32/99238/hero-section.webp 1200w,\n/static/80b4e4fbe176a10a327d273504607f32/7c22d/hero-section.webp 1600w,\n/static/80b4e4fbe176a10a327d273504607f32/1258b/hero-section.webp 2732w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}},"pageContext":{"limit":6,"skip":582,"currentPage":98,"type":"///","numPages":161,"pinned":"ee8a4479-3471-53b1-bf62-d0d8dc3faaeb"}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}