NIST’s new password rules – what you need to know – Naked Security
An actual STANDARD on how to handle passwords. START SHOWING THIS TO PEOPLE. I'm linking to the article, not the standard, because it gives such a nice summary.
passwords  security  standards  via:reddit 
august 2016 by mcherm
Your Password is Too Damn Short
A more up-to-date article on what it takes to break a password. My current security level is OK but only because I'm not the easiest target around... I'd be better off changing my default length to 12 or 15.
security  passwords  via:CodingHorror 
april 2015 by mcherm
Brain wallet disaster : Bitcoin
This is the case of someone using an obscure line of poetry as their password... and having it hacked.
passwords  security  bitcoin 
march 2015 by mcherm
The Secret Life of Passwords
About the special passwords people choose and their meanings.
security  passwords  nytimes  via:HackerNews 
november 2014 by mcherm
Anatomy of a hack: How crackers ransack passwords like “qeadzcwrsfxv1331” | Ars Technica
A detailed review of how long it took various password experts to crack a password list. The moral is that any password you can remember can be cracked in almost no time. Also, use bcrypt.
cryptography  security  passwords  ArsTechnica  via:ArsTechnica 
may 2013 by mcherm
Apple really needs two passwords, not one for everything | My Thoughts
Apple should offer 2 passwords, one for low-security actions and one for high-security actions. And it's not just Apple... lots of companies should allow that. It should be optional.
mypostings  passwords  security  via:HackerNews  blogworthy 
december 2012 by mcherm
25-GPU cluster cracks every standard Windows password in <6 hours | Ars Technica
Specialized hardware can crack EVERY 8-character password in just a few hours using reasonable encryption algorithms (faster with poor algorithms).
ArsTechnica  via:HackerNews  security  passwords 
december 2012 by mcherm
Kill the Password: Why a String of Characters Can't Protect Us Anymore | Gadget Lab
Passwords are already broken for a few, soon will be for everyone. Two-factor authentication helps, but the real solution is multi-factor authentication with several factors. I'm not sure I agree about the solution, but the problem is well described.
security  passwords  wired  via:HackerNews 
november 2012 by mcherm
Some evidence on multi-word passphrases
Research on what people chose as passphrases. Too predictable: 20 bits (compared to 10 bits for passwords).
security  via:HackerNews  passwords 
march 2012 by mcherm
Password Policies are Getting Out of Control | blog@CACM | Communications of the ACM
Government and university sites have the most restrictive password policies because there is no one to advocate for usability.
security  via:reddit  passwords  acm 
august 2011 by mcherm
Schneier on Security: Changing Passwords
How often should you change your password? Depends on the use: changing it only protects against snooping, so if that's the threat, change it as frequently as you need; otherwise don't bother changing it.
security  BruceSchneier  via:BruceSchneier  passwords 
november 2010 by mcherm
Technology Review: Passwords that are Simple--and Safe
Microsoft idea: allow people to pick anything they want as a password, but no more than a few people can have the SAME password.
via:slashdot  security  passwords 
july 2010 by mcherm
Do Strong Web Passwords Accomplish Anything? (PDF)
Research paper showing that requiring strong passwords (ones with funny characters in them) on the Web doesn't actually add any meaningful security.
security  via:BruceSchneier  passwords 
july 2009 by mcherm
Secure Passwords Keep You Safer
Bruce Schneier on passwords... what users do, how good guesser programs work, and what you should do to make yours more secure.
BruceSchneier  via:BruceSchneier  encryption  security  passwords 
may 2008 by mcherm

