Kill the Password: Why a String of Characters Can’t Protect Us Anymore

Mat Honan, whose digital life was destroyed this summer, on passwords: The age of the password has come to an end; we just haven’t realized it yet. And no one has figured out what will take its place. What we can say for sure is this: Access to our data can no longer hinge on …

Fixing the petname-as-my-password dogma.

Popular pet names Rover, Cheryl and Kate could be a thing of the past. Banks are now advising parents to think carefully before naming their child’s first pet. For security reasons, the chosen name should have at least eight characters, a capital letter and a digit. It should not be the same as the name …

LeakedIn

Today, 6.5 million LinkedIn password hashes leaked. These hashes are unsalted SHA-1 hashes and can be found online. If you happen to have the file lingering around, use grep "yourhash" combo_not.txt to check whether your hash is in it. Also check with the hash in which the first 5 characters are replaced by 00000. If you’re not …

Intercepting LinkedIn Passwords

At the Microsoft TechDays 2012 in Belgium, white hat Paula Januszkiewicz shows how the tool Fiddler can be used to intercept the password of a LinkedIn user. This works because the password is not being encrypted by LinkedIn, although HTTPS is being used. Not that wow imho, as it’s basically a man in the …