Using LastPass

lp-956I recently accepted the position of Secretary in the Twins Cities chapter of the International Information Systems Security Certification Consortium (ISC)2-TC, and in order to send me the passwords for certain online chapter assets, it was requested that I sigh up for the password management product, LastPass.  I have written previously about LastPass, KeePass, and RoboForm as recently as June 16. ...

Continue Reading →
0

Have a WordPress Site? Better Secure It!

WordPresslogoWordPress has become an incredibly popular web design platform, and currently has about a 25% share of all web sites on the Internet.  As an open-source software product that is free to download and use, with a great support and documentation through WordPress.org, and a huge, international development community providing an endless array of themes, plug-ins and widgets, it is easy ...

Continue Reading →
0

Secret Questions Too Hard To Answer

passwordAs we have mentioned several times, humans represent the weakest link in cybersecurity.  This means we are terrible at creating strong passwords, and we are bad at remembering them, too.  So all of our online service providers have password reset systems that usually include a series of “secret” questions that are supposed to be both hard for an attacker to guess, but easy for the account holder to remember.  Unfortunately, this ...

Continue Reading →
0

Your Brain Waves Could Be Your Password

brainwavesWe have been relying on the trusty password for years, but as password cracking technologies improve, even longer and more complex passwords are being solved and sold on rainbow tables.  So passwords are for the most part over.  Two factor authentication is possibly a solution, but biometrics are becoming a big part of what is next in the field of user authentication.  We have already seen fingerprint scanners on some laptops, ...

Continue Reading →
0

LinkedIn Passwords Found on Russian Site

linkedin-logoIf you are on LinkedIn, as I am, today is a good day to change your password.  It seems that about 6.5 million LinkedIn usernames an password have found their way onto a Russian cyber-crime website.  While LinkedIn initially disputed the report of security researcher Per Thorsheim, they recently admitted that they had lost control of some users’ credentials and Continue Reading →

0

Windows 10 Security Upgrades: Hello, Passport, FIDO

Windows10HelloWindows 10 will be featuring a built in security feature called Hello, as well as Passport, for online security, and is supporting the FIDO Alliance as well.  Hello will use fingerprint, facial recognition or iris scanning to authenticate you to your computer, and from there, authenticate you to your domain or workgroup resources.  The facial recognition camera will ...

Continue Reading →
0

Samsung Testing Iris Recognition

As the age of password authentication falls to newer and faster password cracking hardware, software, and list building tools, technologists have been looking at other authentication methods.  Many of these techniques we have covered here: two-factor authentication (2FA), secure key, smartphone authentication apps, Google’s USB security dongle, fingerprint readers, and other biometrics.

Recently, Samsung, together with SRI, have started working on an iris recognition authentication methodology called IOM or “Iris On the Move.”  The human iris, the colored part of the eye, ...

Continue Reading →
0

Personal Information: What is the Worst to Lose?

anthem-250I was reading an article on Sophos about the Anthem Healthcare breach, and putting this information together with some other articles I have read recently, and this question came to mind: what personal information is the worst to lose?  In the Anthem breach, people lost information that included their “names, dates of birth, member ID/social security numbers, addresses, phone numbers, email ...

Continue Reading →
0
Page 8 of 9 «...56789