passwords
Let’s stop talking password flaws and instead discuss access management
A good bit of attention has been given to a new report that suggests that there are organizations that don’t change their administrative passwords at all, ever. While it may …
Living in a password free world in the modern enterprise
The era of password security in the modern enterprise is over. Passwords are dead. Let’s be honest. Passwords in the enterprise were never really that secure in the …
1 in 10 people have posed as someone else online
Our need for ease and convenience is putting our digital identities and security at risk. A new BehavioSec report finds that 37% of us have shared our personal security data …
Most users limit personal info on social media due to hacking fears
Only 10 percent of internet-using adults in America used at least one social networking site in 2005. More than a decade later that number has grown exponentially, with 84 …
7 million users affected by Minecraft community Lifeboat data breach
Minecraft community fansite “Lifeboat” has admitted that it suffered a data breach in January, after security researcher Troy Hunt added some of the stolen data to …
How to automate a custom password dictionary for your pen test
When doing penetration testing, security professionals regularly have to deal with words that are specific to the task at hand, and many are not found in common wordlists. …
Banks failing with password management, but why?
A recent study shows some terrifying results: banks in the U.S. often have less secure password policies in place than do social media websites. Specifically, the study found …
Amazon selfie password: Is this the future?
Amazon’s “Selfie Authentication” allows the site’s customers to user facial recognition to authenticate themselves to the website in order to make a purchase. While not …
It’s time to kill the static password
How do you manage your passwords? Do you set them all to approximately the same value, for fear of forgetting them? Or do you write them down in a little book, or in a …
Bank password policies are often substandard, study finds
A study of 17 major US banks shows that six of them have weak password handling and that their password procedures are weaker than most social websites. The six banks, 35 …
Which passwords to avoid for Internet-facing systems?
For the last year or so, Rapid7 has been collecting login credentials via “Heisenberg,” a network of low-interaction honeypots that the company has set up to analyze login …
Is zero-effort computer security a dream?
Researchers from the University of Alabama at Birmingham and Aalto University have found vulnerabilities in a recently proposed user-verification security system for …