Below you will find pages that utilize the taxonomy term “passwords”
Posts
Assume your devices are compromised
For decades, we have assumed our local computing devices are a safe place to store digital secrets. Most software, systems and security protocols make this assumption.
Posts
Cracking passwords with cheap hardware
There were roughly 30 Street teams that participated in Korelogic’s 2020 Crack Me If You Can password cracking contest at Defcon. I took 4th place.
Posts
Now they have 2FA problems
There’s an old quip about solutions causing more problems:
Some people, when confronted with a problem, think “I know, I’ll use regular expressions.” Now they have two problems.
Posts
Types of passwords
Understanding basic password types will help you devise a strong password management strategy for all of your accounts. In general, and at a high-level, there are two basic types of passwords.
Posts
The design flaws of password managers
I once worked in highly regulated environments and needed a way to recall dozens of complex passwords that changed frequently. I tried to use a password manager, but could not due to the burdens and insecurity of some common design flaws.
Posts
They want us to be compliant, not secure
Some years ago, I worked for an organization that was involved in federally funded research. Occasionally, government IT auditors (or contractors that they hired) would visit our facilities to audit our systems.