Is it good idea to buy instagram followers?

Hello Guys,

I hope this is correct section to post a question.
I have been reading a lot about instagram advertisement but one thing is nowhere to be found is you can not advertise on Instagram for followers. At first it was bit shock for me because Facebook has this option but Instagram Not.

Now, I have been thinking about other ways from where I can get followers for my instagram account. This website has been referred by my friend to get followers – wezore.com (if this is not the way I…

Is it good idea to buy instagram followers?

Is storing an encrypted 2FA backup on Bitwarden (a password manager) a good idea?

I am at the moment using Bitwarden and a separate 2FA app.

I am trying to figure out a way to be able to securely recover my access to credentials and 2FA in case my phone/laptop/other electronic devices get stolen or destroyed and am not sure if what I am doing is good enough.

The app I am using for 2FA allows for encrypted backups with a password. I use Bitwarden to manage my passwords and it also requires a 2FA code from the app.

Now I have a backup of the 2FA app on Bitwarden, where the master passwords for both are long and different (consisting of letters only). I modified the 2FA recovery code for Bitwarden (so that only I know how to read it) and store it on a piece of paper in my wallet and some other places.

My plan is if all goes wrong to gain access to Bitwarden through the recovery code and then download and restore the backup of the 2FA app, in order to regain access to the other places.

Do you think that is secure enough?

Any idea how to keep this text static

Hi guys,

Do you have any idea how to keep the text above the textarea static when you resize the textarea. It expands by the size of the parent div. My intention is to keep everything centered.

The link: https://test-c3848.web.app/

The HTML:

 <div id=div1>     <div id=div2>         <p>Paste link in the textarea.</p>         <textarea type="text" id="txt"></textarea>     </div> </div> 
Code (markup):

The CSS:

 #div1 {min-height: 10em; position: relative} #div1 #div2 { margin:...
Code (markup):

Any idea how to keep this text static

Help flushing out idea for detecting friend from foe [closed]

I need help with flushing out an idea into a game mechanic. There is a goal and there are friendly npcs and enemies. Both are walking toward the goal. However, the player can’t tell friend from foe.

The goal is to have the player detect and eliminate the enemies before they reach the goal. I mostly need help with detection. Most examples and ideas I see are for ai detecting the player and not the other way around.

What are some ways, examples, or ideas I can use to implement this sort of mechanic?

Is using Argon2 with a public random on client side a good idea to protect passwords in transit?

Not sure if things belongs in Crypto SE or here but anyway:

I’m building an app and I’m trying to decide whatever is secure to protect user passwords in transit, in addition to TLS we already have.

In server side, we already have bcrypt properly implemented and takes the password as an opaque string, salts and peppers it, and compares/adds to the database.

Even though SSL is deemed secure, I want to stay at the "server never sees plaintext" and "prevent MiTM eavesdropping from sniffing plaintext passwords" side of things. I know this approach doesn’t change anything about authenticating, anyone with whatever hash they sniff can still login, my concern is to protect users’ plaintext passwords before leaving their device.

I think Argon2 is the go-to option here normally but I can’t have a salt with this approach. If I have a random salt at client side that changes every time I hash my plaintext password, because my server just accepts the password as an opaque string, I can’t authenticate. Because of my requirements, I can’t have a deterministic "salt" (not sure if that can even be called a salt in this case) either (e.g. if I used user ID, I don’t have it while registering, I can’t use username or email either because there are places that I don’t have access to them while resetting password etc.) so my only option is using a static key baked into the client. I’m not after security by obscurity by baking a key into the client, I’m just trying to make it harder for an attacker to utilize a hash table for plain text passwords. I think it’s still a better practice than sending the password in plaintext or using no "salt" at all, but I’m not sure.

Bottomline: Compared to sending passwords in plaintext (which is sent over TLS anyway but to mitigate against server seeing plaintext passwords and against MiTM with fake certificates), is that okay to use Argon2 with a public but random value as "salt" to hash passwords, to protect user passwords in transit? Or am I doing something terribly wrong?

Is letting a player use a Large or larger race a bad idea from the game balance point of view?

Pathfinder ruleset assumes players to be Medium or Small humanoids. Not so many rules exist for non-standard characters.

  • The only "official" way to play as a bigger dude that I know of is using race building rules. With explicit DM permission, it’s possible to create an 11-RP race that will be Large and still have the reach of a Medium/Small creature. Also, this race probably won’t fit into the world of Golarion unless you work for it.
  • Bestiary creatures that are Large or Larger typically have racial Hit Dice, and I’ve heard it many times that mixing racial and class HD for players is generally a bad idea.
  • Some monstrous humanoids, e.g. Trox, have official racial stats and are Large, but playing them is usually frowned upon, as their appearance creates certain social difficulties unless the campaign is set in a monstrous setting.
  • Half-Giants published by Dreamscarred Press are up to 8 ft. 4 in. tall, but still Medium. They are treated as being Large for certain purposes, but not for reach, although they can use Large weapons.

Threads about PCs being Large usually bring up all the related bonuses: CMD/CMB, reach, extra damage, extra STR, and say that it all makes such races vo. Very often they also talk about Enlarge Person alongside Haste creating Huge Barbarians that one-shot everything they see, and about enemies that can’t even retaliate because of limited reach. What makes me a bit interested here, though, is that it’s usually mundane characters who benefit most from increasing their melee potential, and melee characters are rarely overpowered compared to casters.

However, lacking any first-hand experience, I wish to know:

Is it actually a bad idea to allow players to choose Large races for their characters?

By "Large races" I mean races that are properly Large, have all the related benefits, including reach. This race can be custom-made, adapted from another source, or an existing one can be used.

Please remember about the Good Subjective/Bad Subjective guidelines and state your experience of seeing Large or larger races in actual play if you decide to post an answer. Let’s not get this question closed.

When did the idea of a fluff (or flavor) vs crunch distinction appear?

I find myself involved in discussions frequently where one person will claim that a piece of text in a rulebook is "just fluff" or "pure flavor" and can be "refluffed" by the players with little or no DM oversight, while others are "mechanics" or "crunch" that requires a house-rule to change.

Specifically, the things cited as "fluff" are those that do not have an attached dice roll or explicit benefit/penalty listed. Things like the descriptions of classes, feats, things like "Druids won’t wear metal armor." On the other hand, "mechanics" or "crunch" includes rule text that has direct, explicit application to the game world, especially when expressed in pseudo-mathematical form (such as dice rolls, damage, or bonuses and penalties).

I know that 4e had a specific rule that said that descriptive text in italics in an ability entry or elsewhere was just an example (ie fluff) and could be changed at will. But I’m pretty sure that this distinction pre-dates 4e–I remember hearing it invoked to justify taking prestige classes (3.5e) completely out of context and apply them without satisfying the "fluff" prerequisites (such as meeting/being trained by someone of the appropriate faction).

I’m interested to know where (and in what context) this distinction first (or dominantly) arose. More than that, I’m interested in finding examples of where this distinction has direct rules support. So far, 4e D&D is the one I know of. Citations to rulebooks would be wonderful. This is not D&D specific, although most of my knowledge is of D&D’s history.

An intranet web app for decrypting values : a bad idea, and if so, why?

We have to protect a database connection string for a .NET desktop application that has an application-level database user. One option is to encrypt a section of the app.config using asp_regiis. But then every user of the application needs to have the key installed on their PC.

If an intranet IIS server has SSL and Microsoft Windows Authentication was in place, would an ASP.NET web-app that accepted an encrypted value and returned a plain text be a viable alternative to installing the keys on every user’s machine?

With the web app, no user would be able to export the key from their local container, and so the web app approach seems the more secure of the two.

Would My Custom Weapon Idea Work Well? [closed]

I had an idea to make a custom sword that increases its damage for every finishing hit it does. It would increase by 0.1% 0.5% or 1% each time. Earlier in the campaign it would be under powered and the player would have to grind it out but later in the campaign it would be over powered. Would a mechanic like this work or would it be a bad idea?

Thanks! Example

Is running bash script that is taking arguments from site dialog box a good idea?

I’m building a site that will use youtubeAPI to keep track of playlist changes. In order for 3rd party to use it I would supply a dialog box in which user would type his/hers playlistID – this would be read and then put as an argument into bash script that in turn runs curl/python scripts to connect with API (ran on my machine) and another bash script that would mkdirs on my disk.

Does this potentially endanger me/my files somehow ? Can someone input some magic command that would do “rm * -f” or similar malicious endeavor ? Should I use some external server instead of my machine ?

I know nothing about security, Ive read few topics here but didnt find similar problem.