passwords – Page 7 – SSL and internet security news

Security Design: Stop Trying to Fix the User

October 3, 2016 infossl

essays, passwords, Security technology, securityengineering, usability, usb

Every few years, a researcher replicates a security study by littering USB sticks around an organization’s grounds and waiting to see how many people pick them up and plug them in, causing the autorun function to install innocuous malware on their computers. These studies are great for making security professionals feel superior. The researchers get … Read More “Security Design: Stop Trying to Fix the User” »

Recovering an iPhone 5c Passcode

September 15, 2016 infossl

academicpapers, backdoors, encryption, fbi, ios, iphone, lies, passwords, Security technology

Remember the San Bernardino killer’s iPhone, and how the FBI maintained that they couldn’t get the encryption key without Apple providing them with a universal backdoor? Many of us computer-security experts said that they were wrong, and there were several possible techniques they could use. One of them was manually removing the flash chip from … Read More “Recovering an iPhone 5c Passcode” »

Keystroke Recognition from Wi-Fi Distortion

August 30, 2016 infossl

academicpapers, keylogging, passwords, privacy, Security technology, sidechannelattacks, wifi

This is interesting research: “Keystroke Recognition Using WiFi Signals.” Basically, the user’s hand positions as they type distorts the Wi-Fi signal in predictable ways. Abstract: Keystroke privacy is critical for ensuring the security of computer systems and the privacy of human users as what being typed could be passwords or privacy sensitive information. In this … Read More “Keystroke Recognition from Wi-Fi Distortion” »

Frequent Password Changes Is a Bad Security Idea

August 5, 2016 infossl

academicpapers, algorithms, passwords, Security technology, securitypolicies

I’ve been saying for years that it’s bad security advice, that it encourages poor passwords. Lorrie Cranor, now the FTC’s chief technologist, agrees: By studying the data, the researchers identified common techniques account holders used when they were required to change passwords. A password like “tarheels#1”, for instance (excluding the quotation marks) frequently became “tArheels#1” … Read More “Frequent Password Changes Is a Bad Security Idea” »

Database of Ten Million Passwords

February 19, 2015 infossl

databases, hacking, passwords, Security technology

Earlier this month, Mark Burnett released a database of ten million usernames and passwords. He collected this data from already-public dumps from hackers who had stolen the information; hopefully everyone affected has changed their passwords by now. News articles. Powered by WPeMatico

Ford Proud that "Mustang" Is a Common Password

February 16, 2015 infossl

cars, computersecurity, passwords, Security technology

This is what happens when a PR person gets hold of information he really doesn’t understand. “Mustang” is the 16th most common password on the Internet according to a recent study by SplashData, besting both “superman” in 21st place and “batman” in 24th Mustang is the only car to appear in the top 25 most … Read More “Ford Proud that "Mustang" Is a Common Password” »

Citadel Malware Steals Password Manager Master Passwords

November 22, 2014 infossl

malware, passwords, passwordsafe, Security technology

Citadel is the first piece of malware I know of that specifically steals master passwords from password managers. Note that my own Password Safe is a target. Powered by WPeMatico