Creating a Stronger Password

During the last week and a half we have been investigating the sorry state of password security.  Now for some more hopeful information.  In this post, we will look at the current recommended standards for creating a secure password, and policy recommendations from the National Institute of Standards and Technology (NIST).

Our recommendations for password strength is to use passwords with at least 12 or more characters.  The reason is that longer passwords are more secure in the face of automated ...

Continue Reading →
0

How I Got Your Password – Part 2

Did you know that the easiest way for me to get your password is just to ask for it? This is one way that cyber-criminals can get one of your passwords. In  our last post we focused on password cracking.  Today we will look at all the other ways that an clever attacker can compromise your password.

  • Social Engineering – Sometimes the easiest way to get password information is just to ask for it.  Social engineering is a type of con ...
Continue Reading →
0

How I Got Your Password – Part 1

In our last post we looked at the frighteningly short amount of time that it takes to crack a typical password.  Today we will look at all the different password cracking methods that a clever attacker can use to compromise your password, and how to defend against these attacks.

Password cracking

There are several types of automated password attacks that can be combined to make the process quicker, or to configure for a certain type of password attack.

  • Dictionary attack – This is ...
Continue Reading →
0

Most Passwords Can Be Easily Cracked

Did you know that the most popular passwords can be cracked in minutes?   And that passwords with 8 characters or fewer can be cracked in a few seconds?  This is why I say that passwords by themselves are no longer a useful form of security.  Today is the second of a five part series on password security, and focuses on the methodology used by password cracking software programs.

Cyber-criminal groups who specialize in password cracking generally harvest huge lists of user ...

Continue Reading →
0

Why Passwords Are A Soft Target

I have said it before, and I will repeat it now:  passwords by themselves are no longer a useful form of security.  The only option that makes passwords secure is two-factor authentication.  Today we embark on a two week investigation into passwords, why they are so easy to break, how your password might be compromised, and how to create a password system that is less vulnerable to exploitation.

Why are passwords so easy to crack?  Some of the answers we have ...

Continue Reading →
0

Where Does Cell Phone Location Data Go?

Have you ever wondered what happens to the location information your smartphone is collecting about you?  Who has access to that information, and for what purpose?  As it turns out, as told in a recent report by Brian Krebs, this information is available to pretty much anybody.

A related article in Sophos’ Naked Security blog pointed to a Continue Reading →

0

Is The End Near For Re-Used Passwords

What do you think about a plan that would actually make it impossible for you to use the same password on two or more sites?  Basically, when you set up a new web account, you would be forced to use a password that was truly different from other passwords you use elsewhere?

I am certain that if you are reading this blog, that you ...

Continue Reading →
0

The Role of the IC3 in Cybercrime Prosecution

If your business has been the victim of a cybersecurity incident, data breach, or other cybercrime, you may have had to decide whether to keep the incident to yourself, or report the crime to the police.  If you carry cyber insurance, reporting the crime is a requirement to file an insurance claim.  So you called the police and filed a report,  You may have been discouraged by the lack of enthusiasm ...

Continue Reading →
0

Hacking Your Browser for Personal Information

Did you know that web browsers such as Chrome, Edge, Firefox, Safari, and Internet Explorer save a lot of personal information that a cyber-attacker could us as research to build a web dossier about you, your likes, and your habits?  A personal dossier that could be used for a deeper attack?

Did  you know that web browsers store parts of web pages ...

Continue Reading →
0

Weekend Update

A quick Saturday digest of cybersecurity news articles from other sources.


FBI Releases IC3 2017 Internet Crime Report

05/07/2018 08:30 PM EDT  Original release date: May 07, 2018

FBI has released the Internet Crime Complaint Center (IC3) 2017 Internet Crime Report, which highlights scams trending online. The top three crime types reported by victims in 2017 were non-payment/non-delivery, personal data breach, and ...

Continue Reading →
0
Page 1 of 41 12345...»