Blog Posts Tagged with "Passwords"

Fa053a3185c9b7154992fb4bffe11e76

FriendFinder Breach Highlights the Need for Better Practice in Password Security

January 31, 2017 Added by:Donato Capitella

The FriendFinder Network breach is a perfect example of how poor password storage can exacerbate the impact of a breach and expose accounts to further exploitation.

Comments  (0)

B7975305d292bb47fb3934171c2a0685

Businesses Should Take a Pass on Traditional Password Security

August 04, 2015 Added by:Geoff Sanders

Historical forms of authentication were never meant for the networked landscape we live in today. The first passwords were adequate authentication solutions only because the systems they secured were isolated. Unfortunately, the isolated systems that pervaded the early days of the computer revolution has set the foundation for authentication in the Internet Age.

Comments  (0)

6d117b57d55f63febe392e40a478011f

Passwords: Are We Focused on the Right Issues?

February 21, 2014 Added by:Anthony M. Freed

Recently, Dashlane released its quarterly Personal Data Security Roundup (PDF), which examines the “illusion of personal data security in e-commerce,” noting that consumers increasingly share personal and payment information with online retailers, and the only thing standing between that data and criminals is a mere password.

Comments  (0)

F5eb0cf67469a4982ea81ddf8b4d4048

Users Cannot be Trusted with Their Passwords!

January 13, 2014 Added by:Joseph Rogalski

If you are not protecting your Internet facing systems that contain anything but public data with multifactor authentication you are asking to be breached, this includes Outlook Web Access.

Comments  (0)

631e72bff10f695d4be8dec9d08d7534

Preparing for the Internet of Things: Integrating Strong Authentication in Daily Life

November 04, 2013 Added by:Jochem Binst

The online world as we know it today is not the same as the one we got to know in the beginning of the Internet era and certainly not the one that is emerging today! People worldwide are starting to realize this. All they have to do now is act on it. Strong authentication to secure the online world will be embraced since it becomes a necessity; using strong authentication is the next step.

Comments  (0)

65c1700fde3e9a94cc060a7e3777287c

2-Factor Is Great, But Passwords Still Weak Spot

July 17, 2013 Added by:Simon Moffatt

Two factor authentication solutions have been around for a number of years. While these additional processes certainly go some way to improve security, and reduce the significance of the account password, it highlights a few interesting issues, mainly that password based authentication is still a weak link.

Comments  (0)

D2c1e74cac8f12e965acd1a21fef3a38

Mitigate Security Risk Before Your Business Collapses

July 11, 2013 Added by:Jan Valcke

Security is not an optional feature to be implemented after the horse has bolted. Lack of security may have severe consequences and can result in destructed corporate image, severe revenue losses and liability suits. Strong authentication alleviates a lot of security concerns and can help build customer trust, credibility and can even become a competitive advantage.

Comments  (0)

32137b352537f11c1efe063869f00e0e

Your Weekend Security Challenge: Password-Style

April 12, 2013 Added by:Le Grecs

Password managers will automatically fill in usernames and passwords as your target surfs around the web doing their usual things. I’ve found they just love this convenience and it serves as a great motivator for them to continue using it.

Comments  (0)

37d5f81e2277051bc17116221040d51c

What Makes My Passwords Vulnerable?

November 25, 2012 Added by:Robert Siciliano

Simple passwords: When 32 million passwords were exposed in a breach last year, almost 1% of victims were using 123456. The next most popular password was 12345. Other common choices are 111111, princess, qwerty, and abc123. Avoid these types of passwords, which are easily guessed...

Comments  (0)

D03c28fd5a80c394905c980ee1ecdc88

E-mailing Passwords - Practice What You Preach

November 19, 2012 Added by:Bill Mathews

That’s right, I got an email with my username and password listed right there. That probably doesn’t anger normal people (let alone drive them to write an article about it), but I have never been accused of being normal so I’m pretty annoyed. Here, in no particular order, are my reasons for the anger and frustration...

Comments  (6)

68b48711426f3b082ab24e5746a66b36

Never Attribute to Malice, But Always Verify

November 15, 2012 Added by:Fergal Glynn

FX did find hardcoded local bootloader passwords. These would require physical access and are the types of hardcoded passwords commonly found in networking gear and appliances. Yes a vulnerability but not likely nefarious...

Comments  (0)

94ae16c30d35ee7345f3235dfb11113c

On Password Hell

November 06, 2012 Added by:Joel Harding

I had one sysadmin a few years ago who demanded we all use 64 character passwords and every other character had to switch type. It was something like ^y?M3aI`B[a/ and so on... It took two minutes to type it in and I had to carry a paper with the password written on it. I was so glad when he left...

Comments  (1)

0a8cae998f9c51e3b3c0ccbaddf521aa

Does it Make Sense to Keep Changing Your Passwords?

October 31, 2012 Added by:Rafal Los

I'm running a small experiment on myself in which I've set up an account on a public, high-traffic web-based system out there that has a ton of my personal information. I've not changed my password in almost 6 months, but I still feel relatively good and certain that I am the only one who has access to my stuff...

Comments  (0)

7e364bbac217114a59e547b354e7f7ad

Network Design, Wireless Security, and Password Policies - Business Beware

October 15, 2012 Added by:Gary McCully

A while back I was on a wireless assessment in which I was able to compromise the client’s primary Windows Domain from their guest wireless network. My hope in writing this article is that organizations will take their network design, wireless security, and password policies a little more seriously...

Comments  (0)

Bd07d58f0d31d48d3764821d109bf165

When Log Files Attack: IEEE Data Leak

September 28, 2012 Added by:Tripwire Inc

The fact that usernames and passwords were being logged to a plaintext file itself is problematic, even if the passwords are being hashed when stored in a database, if such data is logged in plain text it defeats the entire purpose...

Comments  (0)

7366c113eb2ccd38f6bbcbd5d52a6bec

How to PWN Systems Through Group Policy Preferences

September 20, 2012 Added by:Jeff McCutchan

All users have read access to the SYSVOL share of the domain controller. Forget about password cracking or passing the hash, you just get the cleartext password. A simple search for “*.xml” in the SYSVOL share on the domain controller will show if your organization is vulnerable...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »