Search:

Items Tagged with "Passwords"


37d5f81e2277051bc17116221040d51c

Is a Password Enough? A Closer Look at Authentication

August 16, 2012 Added by:Robert Siciliano

Yahoo and LinkedIn were recently breached and usernames and passwords were stolen. These sites did something wrong that allowed those passwords to get hacked. However passwords themselves are too hackable. If multi-factor authentication was used, then the hacks may be a moot point and the data useless...

Comments  (0)

29fb4966bdfcfff5545ae464c771071b

Why is a Password Manager Not Yet a Hot Selling App?

August 13, 2012 Added by:Gurudatt Shenoy

What is the solution to preventing security Armageddon if passwords are not going away soon and people are going to use the same password for all their accounts? I did find a solution for this couple of years back. It is called a password generator and will generate a unique password for storage and management...

Comments  (5)

7fef78c47060974e0b8392e305f0daf0

ENISA Calls for Joint Effort to Protect Login Credentials

August 10, 2012

In the cyber world our identity is reflected by our usernames and passwords. For users, keeping passwords safe is vital to avoid security incidents. But online service providers who store usernames and passwords are expected to do the same. Problems arise when security is compromised at either end of the chain...

Comments  (0)

7c5c876d1933023ac375eead04302e1a

Go Ahead and Write Down Your Passwords

August 07, 2012 Added by:Boris Sverdlik

Another day, another password hack, and yet another reason not to reuse passwords... Here is a simple bash script to generate strong passwords. Port it to Python or even something more platform independent. Also, don't forget to set Auto Dismount to 15 minutes, so you don't leave it up and running...

Comments  (14)

B64e021126c832bb29ec9fa988155eaf

Billions of Hashes per Second with Multiforcer Password Cracker

August 07, 2012 Added by:Dan Dieterle

So what does it take to reach cracking speeds topping 154 Billion hashes per second with multiple hashes? The tool was created to help out pentesters who need to crack passwords, but can not submit hashes obtained to online cracking programs due to auditing agreement restrictions...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

Between You and Me, This is Not Private...

July 22, 2012 Added by:Fergal Glynn

If most websites can’t get password storage right, you can bet they can’t get storage of the content you are trusting them with right either. The private documents that you stored with your favorite cloud service are probably not encrypted in a way that only your account can decrypt, if they’re encrypted at all...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Yahoo and Billabong Password Dumps Analyzed

July 19, 2012 Added by:Dan Dieterle

Wow, not one, but two massive password dumps in one day. Hackers leaked a very large number of Billabong and Yahoo passwords in plain text with no need to try to crack them. We looked at the passwords using the analysis tool Pipa, and here is what we found...

Comments  (0)

94c7ac665bbf77879483b04272744424

Yahoo Voices Accounts Exposed and Available to the General Public

July 13, 2012 Added by:Marc Quibell

If Yahoo took "security very seriously" this probably may not have happened. This is obviously a fail in their IT Security practices, on many accounts, beginning with the SQL Injection attack used to compromise the server - yes, it only took one server to compromise for this to occur...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Yahoo!'s No Encryption Trumps LinkedIn's Unsalted Hash

July 12, 2012 Added by:Headlines

Just a month after LinkedIn experienced a significant security breach and caught flack for not "salting their hash", the revelation that the Yahoo! credentials were not even stored in an encrypted format should have everyone concerned about how seriously companies are taking the security of their users...

Comments  (0)

C64d6029dda7a794e966cb3f6f6b5534

Password Security: The Main Vein

July 02, 2012 Added by:Ahmed Saleh

Your passwords should be treated as "high sensitive information", and you are responsible for taking the appropriate steps to select and secure this information. Information system users should be aware of the characteristics of weak and strong passwords in order to ensure adequate protection of their information...

Comments  (1)

71d85bb5d111973cb65dfee3d2a7e6c9

How Fast Can Your Password Be Cracked? Instantly...

July 02, 2012 Added by:f8lerror

Instantly with a JavaScript keylogger. In this brief tutorial, we show you how we can use the Metasploit JavaScript Keylogger auxiliary module in a penetration testing phishing campaign or user awareness training. This is intended for informational and/or educational purposes only...

Comments  (0)

964eef19f95b77a2606d36daf6deb25f

Is Your WPA2 Protected Wireless Network Really Secure

July 01, 2012 Added by:Dale Rapp

A weak WPA2 passphrase could be hacked allowing an unauthorized person to use the wireless network. Even worse this unauthorized person could decrypt the communications revealing emails you send, web sites you visit, and passwords you use for access to websites...

Comments  (0)

7fef78c47060974e0b8392e305f0daf0

ICS-CERT: RuggedCom Weak Password Cryptography

June 20, 2012 Added by:Infosec Island Admin

A researcher identified a default backdoor user account with a weak password encryption vulnerability in the RuggedCom Rugged Operating System which could allow an attacker can use a simple publicly available script to generate the default password and gain administrative access to the unit...

Comments  (0)

99edc1997453f90eb5ac1430fd9a7c61

Video: On the Recent Password Breaches

June 16, 2012

LinkedIn, LastFM and eHarmony all suffered major password database breaches recently. But really, with so many breaches happening, did anyone even notice?

Comments  (0)

94c7ac665bbf77879483b04272744424

Better Passwords Don't Make Us Secure: Best Practices Advice

June 14, 2012 Added by:Marc Quibell

On today's Internet, it's not about better passwords, because passwords are another weak, vulnerable form of authentication. You can make it longer, more complex... whatever, but it doesn't change the fact that it's still weak and vulnerable. Practice safe computing and at least you will lower your risk...

Comments  (0)

5e402abc3fedaf8927900f014ccc031f

Ten Networking Alternatives After LinkedIn's Security Breach

June 13, 2012 Added by:Allan Pratt, MBA

Much has been written about the LinkedIn security breach and the millions of passwords at risk. Hopefully by now all users have changed them and made them more complex. When it comes to professional social networking sites though, LinkedIn is not the only game in town. Here are the Top 10 alternatives...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »


Popular Topics
Access Control  Anonymous  Application Security  Attacks  Authentication  Best Practices  China  Cloud Computing  Cloud Security  Compliance  Cyber Crime  Cyber Security  Cyber Warfare  Cyberwar  Data Loss  Data Loss Prevention  Denial of Service  Employees  Encryption  Enterprise Security  Espionage  Exploits  FBI  Government  Hacking  Hacktivist  Headlines  ICS  ICS-CERT  Identity Theft  Industrial Control Systems  Information Security  Information Technology  Infosec  Infrastructure  Law Enforcement  Legal  Managed Services  Management  Military  Mobile Devices  National Security  Network Security  PCI DSS  Passwords  Penetration Testing  Policies and Procedures  Policy  Privacy  Regulation  Risk Management  SCADA  Security  Security Audits  Security Awareness  Security Strategies  Social Engineering  Social Media  Stuxnet  Tools  Training  Vulnerabilities  breach  breaches  fraud  hackers  internet  malware  report  vendors