password

RSS

password Blogs

  • How to enforce password complexity on Solaris

    Posted May 12, 2012 - 7:44 pm

    Solaris 10 is the first version of Solaris to provide a complex set of variables for controlling password strength. The /etc/default/passwd file contains a series of parameters -- most commented out when a system is first installed -- that allow you to exercise some fairly rigorous constraints on the passwords your users may select.

  • What makes a good password?

    Posted April 29, 2012 - 5:02 pm

    Sound advice against the use of bad passwords has been around for decades. Yet I still find people electing to use passwords like pa55w0rd and login123 as if they'd never heard about password cracking programs. Even technical professionals -- programmers, help desk techs and systems administrators -- sometimes assign really weak passwords to their own and other important accounts. It's become painfully obvious to me that telling people to use good passwords isn't enough. We need to clearly define what a good password is -- and never imply that short or predictable passwords are ever OK.

  • WikiLeaks, Guardian furious at source of security breach: the two of them

    Posted September 1, 2011 - 6:38 pm

    WikiLeaks' founder Julian Assange posts blistering editorial blaming Guardian newspaper for publishing a secret password decrypting 130K cables, which Assange posted in the first place. Guardian editor points finger at Assange, injures self in convolutions trying to avoid blame.

  • Cloud cracks home wireless router; giant hammer squishes ant

    Posted January 11, 2011 - 1:19 pm

    Hackers using Amazon's EC2 to crack WLANs is no threat to corporate IT, but does highlight new options for ambitious, cash-strapped crackers.

  • Where Google Chrome security fails: the password

    Posted November 23, 2009 - 12:42 pm

    Google promises that Chrome will be a much more secure than Windows. Well, yes, but it also has one big problem as well.

  • Avoiding Password Hell

    Posted October 28, 2009 - 12:11 pm

    Some people seem to think that long, complicated passwords that change frequently are great for security. They couldn't be more wrong.

  • Google Tech talk on Password Reset

    Posted August 15, 2008 - 12:35 am

    In a recent post, I described the problems with password reset, and how current password reset questions can be attacked. Watch my recent Google Tech talk on this subject...

  • What is worse than reusing passwords?

    Posted August 12, 2008 - 9:22 pm

    Think your password resets are secure? Think again. The city you grew up in and your mother's maiden name can be derived from public records. Facebook might unwittingly tell the name of your best friend. And, until quite recently, Ford with its 25% market share had a pretty good chance of being the brand of your first car!
Ask a Question