Encrypt Online
Theme

Encrypt Online field notes

Security and data, explained plainly.

Short, practical guides for the moments when a token fails, a certificate looks wrong, or two formats that seem alike behave very differently.

115 maintained guides

Browse the library

Find the note you need

115 guides, ordered by most recently updated.

Certificates & Site Ops3 min read

Certificate Chain Basics for Beginners

A beginner-friendly explanation of leaf certificates, intermediates, and why chain issues break trust.

Certificates & Site Ops3 min read

OAuth Callback URL Mismatch Debugging

Redirect URI mismatch errors usually come from small string differences. Compare the callback value, environment, path, port, and encoding before changing provider or application settings.

Certificates & Site Ops3 min read

OIDC Discovery URL and Metadata Explained

Understand what the OIDC discovery document is, which metadata fields matter first, and how to debug auth setup when issuer, jwks_uri, or authorization endpoints do not line up.

Certificates & Site Ops3 min read

What Is Inside a PEM File?

Understand PEM boundary lines, Base64 content, and the block types that tell you whether you are looking at a certificate, a key, or a CSR.

Encoding & Transport3 min read

Base64URL vs Base64: What Changes on the Web

A practical guide to the differences between standard Base64 and URL-safe Base64 so you stop breaking tokens and query values.

Passwords & Hashing3 min read

Bcrypt Cost Factor Explained in Plain English

How bcrypt cost works, why slower can be safer, and how to think about tuning without turning your login flow into a support issue.

Encoding & Transport3 min read

Common JWT Claim Validation Mistakes That Break Trust

A valid JWT signature is not enough. These are the claim checks teams skip when issuer, audience, timing, and token type actually decide whether a token should be accepted.

Protect & Encrypt5 min read

How to Decrypt Text with OpenSSL

Decrypt OpenSSL enc output by matching its cipher, PBKDF2, digest, salt, and Base64 settings, then verify the recovered bytes.

Protect & Encrypt3 min read

How to Encrypt Text in Your Browser Safely

A practical workflow for encrypting short text in the browser, testing decryption, and sharing the passphrase the right way.

Protect & Encrypt5 min read

How to Encrypt Text with OpenSSL

Encrypt text with OpenSSL using a salted PBKDF2 recipe, preserve the settings needed for decryption, and verify the exact result.

Passwords & Hashing3 min read

How to Verify a Webhook Signature

Verify webhook signatures with the exact raw request body, the correct secret, and constant-time comparison so replay and tampering bugs are easier to spot.

Passwords & Hashing3 min read

Salts, Peppers, and Password Storage Basics

A practical explanation of salts and peppers, what problem each one solves, and where teams often misunderstand the difference.

Certificates & Site Ops3 min read

What Token Introspection Is and When to Use It

Token introspection answers whether a token is active right now, but it is not the right tool for every JWT. Use it when revocation, opaque tokens, or central policy checks matter.