PacketNebula

Articles & guides

Explainers, how-to guides and the occasional news note. The answer comes first, always, then the numbers, diagrams and sources for going deeper.

Answer card: a random 8 character password falls in under 2 hours offline, while 16 random characters hold for 1.4 trillion years at the same speed.

Security

How long does it take to crack a password in 2026?

Real crack times for 2026: an 8 character password falls in under 2 hours offline, 16 characters holds for ages. The math, the hardware and what to do.

 Answer card: JWTs are not encrypted, anyone can read them; the signature proves who issued the token, not who may read it.

Security

Are JWTs encrypted? No, and the difference will bite you

JWTs are encoded and signed, not encrypted: anyone holding a token can read every claim. What the signature really protects and what never belongs in a payload.

 Answer card: three DNS records decide if your mail lands or bounces; SPF lists allowed senders, DKIM signs messages, DMARC sets the failure policy.

Email/DNS

SPF, DKIM and DMARC explained: the records your email needs

SPF lists who may send for your domain, DKIM signs each message, DMARC sets the policy when checks fail. How the trio works and how to deploy it safely.

 Answer card: TLS 1.3 is one round trip faster than TLS 1.2 and removed the broken options; both are secure when configured well.

Security

TLS 1.2 vs TLS 1.3: what changed and what to run in 2026

TLS 1.3 handshakes in one round trip instead of two, drops every broken cipher and encrypts more of the handshake. What changed, why, and how to migrate.

 Answer card: a /24 is 256 addresses with 254 usable, because the first 24 bits name the network and the last 8 bits identify hosts.

Network

What is a /24? CIDR notation and subnet masks, finally clear

A /24 is a block of 256 IPv4 addresses, 254 usable. What the slash number means, how masks work bit by bit, and how to size real networks.

 Answer card: DNS TTL is the expiry date on a DNS answer, the seconds a resolver may cache it; propagation is mostly waiting for old TTLs to run out.

Network

What is DNS TTL? Cache, propagation and the values to use

TTL is the number of seconds resolvers may cache a DNS answer. How it really works, why propagation is mostly waiting, and the right TTL per situation.