Tag: password security
-
Schneier on Security: Good Essay on the History of Bad Password Policies
Source URL: https://www.schneier.com/blog/archives/2024/11/good-essay-on-the-history-of-bad-password-policies.html Source: Schneier on Security Title: Good Essay on the History of Bad Password Policies Feedly Summary: Stuart Schechter makes some good points on the history of bad password policies: Morris and Thompson’s work brought much-needed data to highlight a problem that lots of people suspected was bad, but that had not been…
-
CSA: The New NIST Password Guidelines & Cloud Security
Source URL: https://cloudsecurityalliance.org/articles/what-do-the-new-nist-password-guidelines-mean-for-cloud-security Source: CSA Title: The New NIST Password Guidelines & Cloud Security Feedly Summary: AI Summary and Description: Yes Summary: The text provides an insightful overview of the evolution and modern challenges of password security, particularly in the context of cloud computing. The updates from NIST suggest a significant shift in password policy,…
-
Schneier on Security: IoT Devices in Password-Spraying Botnet
Source URL: https://www.schneier.com/blog/archives/2024/11/iot-devices-in-password-spraying-botnet.html Source: Schneier on Security Title: IoT Devices in Password-Spraying Botnet Feedly Summary: Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: “Any threat actor…
-
CSA: How Strong Passwords Protect Your Data
Source URL: https://cloudsecurityalliance.org/blog/2024/10/18/a-look-at-strong-password-practices-a-shield-for-your-digital-life Source: CSA Title: How Strong Passwords Protect Your Data Feedly Summary: AI Summary and Description: Yes Summary: The text emphasizes the critical importance of strong password practices in the context of cybersecurity, illustrating the risks associated with weak passwords and highlighting the benefits of using password managers. It serves as a reminder…
-
Slashdot: NIST Proposes Barring Some of the Most Nonsensical Password Rules
Source URL: https://yro.slashdot.org/story/24/09/27/0021240/nist-proposes-barring-some-of-the-most-nonsensical-password-rules?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: NIST Proposes Barring Some of the Most Nonsensical Password Rules Feedly Summary: AI Summary and Description: Yes Summary: The text discusses NIST’s latest public draft of SP 800-63-4, which updates Digital Identity Guidelines. It emphasizes new password practices, eliminating outdated requirements such as periodic password changes and composition rules,…
-
The Register: UPS supplier’s password policy flip-flops from unlimited, to 32, then 64 characters
Source URL: https://www.theregister.com/2024/09/23/cyberpower_password_changes/ Source: The Register Title: UPS supplier’s password policy flip-flops from unlimited, to 32, then 64 characters Feedly Summary: That ‘third party’ person sure is responsible for a lot of IT blunders, eh? A major IT hardware manufacturer is correcting a recent security update after customers complained of a password character limit being…