Items Tagged with "Passwords"
March 22, 2011 Added by:Headlines
Network administrators may be conducting their own personal risk assessments in the course of their daily duties. They may be weighing factors such as performance pay incentives, the thoroughness of security audits, and time constraints when deciding what is or is not a priority...
March 11, 2011 Added by:Brent Huston
You have to be sharp to see through a social engineering attack. The challenge is to retain that sharpness while in the midst of multiple tasks. Most of the time, the attacker will take advantage of a busy receptionist, a chaotic office, or tired staff when they try their dastardly deed...
February 28, 2011 Added by:Rafal Los
Take a look at the authentication scheme from a 360-degree view and see if the strong authentication 2-factor provides extends to all platforms (mobile device? HTML-only?) If not, then your account is protected by the lowest common denominator, for most sites that's a simple username and password...
February 23, 2011 Added by:Brent Huston
Passwords are the bane of every system administrator’s existence. Policies are created to secure organizations, but when enforced they cause people to have trouble coming up with the multitude of passwords necessary. As a result, people use the same passwords in multiple places...
February 22, 2011 Added by:Roman Yudkin
The burden of so many complex passwords is too high, especially if the user believes the odds of their credentials being stolen are small. Advice on choosing strong passwords and never re-using them is rejected as a poor cost/benefit tradeoff. No wonder users have bad password practices...
February 20, 2011 Added by:Rob Fuller
Brute force, even though it's gotten so fast, is still a long way away from cracking long complex passwords. That's were word lists come in handy. It's usually the crackers first go-to solution, slam a word list against the hash, if that doesn't work, try rainbow tables..
February 12, 2011 Added by:Dan Dieterle
iPhone passwords may not be as secure as one might believe. According to German security researchers from the Fraunhofer Institute Secure Information Technology (Fraunhofer SIT), if you have physical access to the phone, passwords can be recovered from a locked Apple iPhone in six minutes...
February 10, 2011 Added by:Headlines
"Starting Thursday all Google users can choose to turn on a so-called 'two-factor authentication' feature, which will require them to type in a special, short-lived second password in addition to their normal password to get into their account..."
February 08, 2011 Added by:Headlines
Consumers know that leaving their Wi-Fi network open is not good, but the reality is that many have not taken the steps to protect themselves. Consumers can activate Wi-Fi security protections in a few simple steps, but much like the seatbelts in your car, it won't protect you unless you use it...
February 07, 2011 Added by:Rafal Los
Conferences are more than just going to interesting talks, meeting people, and attending after-parties. Sometimes, if the conferences is really a gem - like ShmooCon - you actually learn something. After attending this year's conference, I think it relevant to share my thoughts...
February 03, 2011 Added by:Headlines
Facebook has made steady progress in their efforts to offer better security, but it remains the responsibility of account holders to make sure they are utilizing all of the security features. One allows members to monitor their profile for any unauthorized access to their Facebook account...
January 24, 2011 Added by:Headlines
"Website owners should declare if they store your passwords using strong hashing. This is a simple process and not any more expensive to implement, however unfortunately websites not using this method of cryptography is something we see all too often..."
January 22, 2011 Added by:Javvad Malik
You walk back to the office knowing full well, like hundreds of others in their office, they’ve forgotten their password. You then have to jump through 20 different hoops to identify yourself. Your name, ID number, user ID, your managers name, your national insurance number… blah blah blah... Finally, you’re told that your password has been reset to Password123. Success? Nearly, becaus...
January 14, 2011 Added by:Paul Sitar
With the addition of the superior “soft token” solution, SyferLock truly covers the entire authentication spectrum, as well as a myriad of diverse and evolving use cases and business requirements challenging the security and account access of organizations and their users...
January 08, 2011 Added by:Dan Dieterle
The embroiled Pirate Bay, when not dealing with legal issues, has had their own run in with hackers. Last summer, a hacker broke into their systems through a SQL vulnerability and stole 4 million users passwords...
January 04, 2011 Added by:Gurudatt Shenoy
Instead of storing the password on the server, one can encrypt and store the user identity or username using a real time generated password, either by via a hashing algorithm or a device-locked password generator. The password itself need not be stored on the server, as can be seen from the following diagrams...