Items Tagged with "Passwords"


FriendFinder Breach Highlights the Need for Better Practice in Password Security

January 31, 2017 Added by:Donato Capitella

The FriendFinder Network breach is a perfect example of how poor password storage can exacerbate the impact of a breach and expose accounts to further exploitation.

Comments  (0)


Businesses Should Take a Pass on Traditional Password Security

August 04, 2015 Added by:Geoff Sanders

Historical forms of authentication were never meant for the networked landscape we live in today. The first passwords were adequate authentication solutions only because the systems they secured were isolated. Unfortunately, the isolated systems that pervaded the early days of the computer revolution has set the foundation for authentication in the Internet Age.

Comments  (0)


Passwords: Are We Focused on the Right Issues?

February 21, 2014 Added by:Anthony M. Freed

Recently, Dashlane released its quarterly Personal Data Security Roundup (PDF), which examines the “illusion of personal data security in e-commerce,” noting that consumers increasingly share personal and payment information with online retailers, and the only thing standing between that data and criminals is a mere password.

Comments  (0)


Users Cannot be Trusted with Their Passwords!

January 13, 2014 Added by:Joseph Rogalski

If you are not protecting your Internet facing systems that contain anything but public data with multifactor authentication you are asking to be breached, this includes Outlook Web Access.

Comments  (0)


Preparing for the Internet of Things: Integrating Strong Authentication in Daily Life

November 04, 2013 Added by:Jochem Binst

The online world as we know it today is not the same as the one we got to know in the beginning of the Internet era and certainly not the one that is emerging today! People worldwide are starting to realize this. All they have to do now is act on it. Strong authentication to secure the online world will be embraced since it becomes a necessity; using strong authentication is the next step.

Comments  (0)


2-Factor Is Great, But Passwords Still Weak Spot

July 17, 2013 Added by:Simon Moffatt

Two factor authentication solutions have been around for a number of years. While these additional processes certainly go some way to improve security, and reduce the significance of the account password, it highlights a few interesting issues, mainly that password based authentication is still a weak link.

Comments  (0)


Mitigate Security Risk Before Your Business Collapses

July 11, 2013 Added by:Jan Valcke

Security is not an optional feature to be implemented after the horse has bolted. Lack of security may have severe consequences and can result in destructed corporate image, severe revenue losses and liability suits. Strong authentication alleviates a lot of security concerns and can help build customer trust, credibility and can even become a competitive advantage.

Comments  (0)


Your Weekend Security Challenge: Password-Style

April 12, 2013 Added by:Le Grecs

Password managers will automatically fill in usernames and passwords as your target surfs around the web doing their usual things. I’ve found they just love this convenience and it serves as a great motivator for them to continue using it.

Comments  (0)


What Makes My Passwords Vulnerable?

November 25, 2012 Added by:Robert Siciliano

Simple passwords: When 32 million passwords were exposed in a breach last year, almost 1% of victims were using 123456. The next most popular password was 12345. Other common choices are 111111, princess, qwerty, and abc123. Avoid these types of passwords, which are easily guessed...

Comments  (0)


E-mailing Passwords - Practice What You Preach

November 19, 2012 Added by:Bill Mathews

That’s right, I got an email with my username and password listed right there. That probably doesn’t anger normal people (let alone drive them to write an article about it), but I have never been accused of being normal so I’m pretty annoyed. Here, in no particular order, are my reasons for the anger and frustration...

Comments  (6)


Never Attribute to Malice, But Always Verify

November 15, 2012 Added by:Fergal Glynn

FX did find hardcoded local bootloader passwords. These would require physical access and are the types of hardcoded passwords commonly found in networking gear and appliances. Yes a vulnerability but not likely nefarious...

Comments  (0)


On Password Hell

November 06, 2012 Added by:Joel Harding

I had one sysadmin a few years ago who demanded we all use 64 character passwords and every other character had to switch type. It was something like ^y?M3aI`B[a/ and so on... It took two minutes to type it in and I had to carry a paper with the password written on it. I was so glad when he left...

Comments  (1)


Does it Make Sense to Keep Changing Your Passwords?

October 31, 2012 Added by:Rafal Los

I'm running a small experiment on myself in which I've set up an account on a public, high-traffic web-based system out there that has a ton of my personal information. I've not changed my password in almost 6 months, but I still feel relatively good and certain that I am the only one who has access to my stuff...

Comments  (0)


Network Design, Wireless Security, and Password Policies - Business Beware

October 15, 2012 Added by:Gary McCully

A while back I was on a wireless assessment in which I was able to compromise the client’s primary Windows Domain from their guest wireless network. My hope in writing this article is that organizations will take their network design, wireless security, and password policies a little more seriously...

Comments  (0)


When Log Files Attack: IEEE Data Leak

September 28, 2012 Added by:Tripwire Inc

The fact that usernames and passwords were being logged to a plaintext file itself is problematic, even if the passwords are being hashed when stored in a database, if such data is logged in plain text it defeats the entire purpose...

Comments  (0)


How to PWN Systems Through Group Policy Preferences

September 20, 2012 Added by:Jeff McCutchan

All users have read access to the SYSVOL share of the domain controller. Forget about password cracking or passing the hash, you just get the cleartext password. A simple search for “*.xml” in the SYSVOL share on the domain controller will show if your organization is vulnerable...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »