Blog Posts Tagged with "Password Management"
The OTHER Problem with Passwords
August 29, 2012 Added by:Wendy Nather
Organizations are motivated to prioritize ease of use over security if they feel their target audience won't be able to use advanced features without support. The result is that the password reset process to an address of record is the easiest way to get into an account. And of course attackers know this too...
Comments (1)
KeePass Vulnerability Exposes Password Lists
June 28, 2012 Added by:Headlines
“The bug will be injected on the remote way, affects the local validation (html/xml) and change the technic back when remotely transferring the password lists. The injection of the malicious URL/domain context can be done via auto save of URLs (victim) or manually (reproduce)," the researchers stated...
Comments (1)
Treat Passwords Like Cash
May 14, 2012 Added by:Danny Lieberman
Every Web site and business application has a different algorithm and password policy. For users, who need to maintain strong passwords using 25 different policies on 25 different systems sites, it’s impossible to maintain a strong password policy without making some compromises...
Comments (0)
Social Media Security 101
April 24, 2012 Added by:Joel Harding
EVERYTHING is compromised. Every web site, every data base, every place that touches the web – I assume this at all times. There is not one among us whose network has not been compromised. The security mantra in the past was “Risk Avoidance”. That is no longer the case...
Comments (0)
Disagreement on Password Vault Software Findings
April 12, 2012 Added by:Brent Huston
Recently, some researchers have been working on comparing password vault software products and have found some issues. However, many of the vendors are quickly moving to remediate the identified issues, many of which were simply improper use of proprietary cryptography schemes...
Comments (1)
Shutting Front and Back Door Access to Your Mobile Devices
March 27, 2012 Added by:Kevin Doel
A lost or stolen phone constitutes a serious security threat to the information on the device because the attacker has unlimited time to gain access to the secrets that are stored therein. Important personal information should not be stored in any unsecured note application...
Comments (0)
Data Loss Doesn’t Always Mean Getting Hacked
February 03, 2012 Added by:Robert Siciliano
Recently UCLA announced 16,000 patients were potential victims of identity theft because a doctor’s home office was broken into and data stolen. Data breaches cost big bucks. Encryption in this scenario failed due to a password on a sticky note near the laptop...
Comments (0)
Should You Store Passwords in the Cloud?
November 07, 2011 Added by:Robert Siciliano
At least twice a week, I get an email from someone who wants me to join yet another network, which requires yet another username and password. You can cop out and use the same username and password combination, but that’s just asking for trouble...
Comments (6)
Sentence Your Password
August 23, 2011 Added by:Christopher Hudel
One risk is that by telling people to "Sentence their password", they may be steered unconsciously to create sentences that make sense which will significantly weaken the power of apparently random words. And of course, apparently random words may ultimately prove not to be too random...
Comments (0)
Check Your Password Security
March 29, 2011 Added by:Robert Siciliano
Passwords are the bane of the security community. We are forced to rely on them, while knowing they’re only as secure as our operating systems, which can be compromised by spyware and malware. There are a number of common techniques used to crack passwords...
Comments (0)
Advanced Password Security 101
March 27, 2011 Added by:J. Oquendo
For those searching for password storage systems, there is no shortage of helpful and even free programs. There is also no shortage of documents explaining why or how to create strong passwords. However, what I noticed in most documents and even programs is their lack of creativity...
Comments (4)
- The Upcoming Oracle CPU: Struggling to Keep Pace with Vulnerabilities
- Malware Prevention Key to Countering Evasive Attack Techniques
- Don’t get lost in translation when managing mixed firewall estates
- Make Sure We're Using the Same Language
- WannaCry: How We Created an Ideal Environment for Malware to Thrive, and How to Fix It
- Ztorg Trojan-SMS Infects Google Play Apps
- SAP Cyber Threat Intelligence Report – June 2017
- Webinar: Top 5 Myths of ICS Cybersecurity - Debunked!
- You Can't Hire Your Way Out Of The Skills Shortage... Period.
- Social Security Administration’s Second Attempt at 2FA Fails Federal Government’s Own Standards, Not Secure