Blog Posts Tagged with "Password Management"
August 29, 2012 Added by:Wendy Nather
Organizations are motivated to prioritize ease of use over security if they feel their target audience won't be able to use advanced features without support. The result is that the password reset process to an address of record is the easiest way to get into an account. And of course attackers know this too...
August 13, 2012 Added by:Gurudatt Shenoy
What is the solution to preventing security Armageddon if passwords are not going away soon and people are going to use the same password for all their accounts? I did find a solution for this couple of years back. It is called a password generator and will generate a unique password for storage and management...
June 28, 2012 Added by:Headlines
“The bug will be injected on the remote way, affects the local validation (html/xml) and change the technic back when remotely transferring the password lists. The injection of the malicious URL/domain context can be done via auto save of URLs (victim) or manually (reproduce)," the researchers stated...
May 14, 2012 Added by:Danny Lieberman
Every Web site and business application has a different algorithm and password policy. For users, who need to maintain strong passwords using 25 different policies on 25 different systems sites, it’s impossible to maintain a strong password policy without making some compromises...
April 24, 2012 Added by:Joel Harding
EVERYTHING is compromised. Every web site, every data base, every place that touches the web – I assume this at all times. There is not one among us whose network has not been compromised. The security mantra in the past was “Risk Avoidance”. That is no longer the case...
April 12, 2012 Added by:Brent Huston
Recently, some researchers have been working on comparing password vault software products and have found some issues. However, many of the vendors are quickly moving to remediate the identified issues, many of which were simply improper use of proprietary cryptography schemes...
March 27, 2012 Added by:Kevin Doel
A lost or stolen phone constitutes a serious security threat to the information on the device because the attacker has unlimited time to gain access to the secrets that are stored therein. Important personal information should not be stored in any unsecured note application...
February 03, 2012 Added by:Robert Siciliano
Recently UCLA announced 16,000 patients were potential victims of identity theft because a doctor’s home office was broken into and data stolen. Data breaches cost big bucks. Encryption in this scenario failed due to a password on a sticky note near the laptop...
November 07, 2011 Added by:Robert Siciliano
At least twice a week, I get an email from someone who wants me to join yet another network, which requires yet another username and password. You can cop out and use the same username and password combination, but that’s just asking for trouble...
August 23, 2011 Added by:Christopher Hudel
One risk is that by telling people to "Sentence their password", they may be steered unconsciously to create sentences that make sense which will significantly weaken the power of apparently random words. And of course, apparently random words may ultimately prove not to be too random...
June 20, 2011 Added by:Gurudatt Shenoy
The past few months have seen a shock and awe campaign being launched by a series of hacker organizations such as Anonymous hackers and LulzSec. The most serious of recent events is the breach of RSA's SecureID. Whew. If the guardians of security cannot protect their own, who else can?
March 29, 2011 Added by:Robert Siciliano
Passwords are the bane of the security community. We are forced to rely on them, while knowing they’re only as secure as our operating systems, which can be compromised by spyware and malware. There are a number of common techniques used to crack passwords...
March 27, 2011 Added by:J. Oquendo
For those searching for password storage systems, there is no shortage of helpful and even free programs. There is also no shortage of documents explaining why or how to create strong passwords. However, what I noticed in most documents and even programs is their lack of creativity...
Mass Disclosure of Vulnerabilities in SAP... john niko on 12-09-2013
Join Trend Micro & SecurityWeek in Belle... Shah Alam on 12-06-2013
Looking Beyond "Black Box Testing"... Paul Reed on 12-03-2013