Blog Posts Tagged with "Passwords"

55e2c9d06a7261846e96b8bb2d4e1fe5

How To Crack A SAM Database Using Ophcrack

October 28, 2010 Added by:bitraptor bitraptor

Ophcrack is a Windows password cracker based on a time-memory trade-off using rainbow tables. This is a new variant of Hellman’s original trade-off, with better performance. It recovers 99.9% of alphanumeric passwords in seconds. Yes, you read that right, in SECONDS...

Comments  (2)

916cb4b04f32e307ee2a5c32c8d4f7b7

Mom and Dad, It's Time To Get Secure

October 27, 2010 Added by:Niko DePofi

I know your computer is almost a foreign language, so I put together a decent, basic primer of how to keep your information safe when using a PC. This isn't all that can be done. There may never be a truly comprehensive list of what to do to stay safe, but this is a decent primer...

Comments  (0)

5c9886924588e138cc18290742c2095e

Authentication - Risk and Trust Part Two

October 24, 2010 Added by:Guy Huntington

There are many different identity types interacting with a modern enterprise and identity type gradients. The risk associated with these identity gradients may vary according to the purchase amount, or type of information flowing between the enterprise and the identity type gradient..

Comments  (0)

55e2c9d06a7261846e96b8bb2d4e1fe5

Hashes and the Security Account Manager

October 24, 2010 Added by:bitraptor bitraptor

SAM is far from being perfect, but the real problem lies in the way they store the passwords - it's an old method created by Microsoft prior to the Windows NT family, and they still run the old style LM hash keys so that two concurrent hashes of the passwords are stored...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Cracking 14 Character Complex Passwords in 5 Seconds

October 21, 2010 Added by:Dan Dieterle

A Swiss security company called Objectif Sécurité has created a cracking technology that uses rainbow tables on SSD drives. Apparently it is the hard drive access time and not the processor speed that slows down cracking. Using SSD drives can make cracking faster, but just how fast?

Comments  (23)

E313765e3bec84b2852c1c758f7244b6

Just In Time for Fall: Introducing Touchdown Tasks

October 07, 2010 Added by:Brent Huston

Each month, we focus on a specific, measurable task you can use to firm up your own security strategy. The tasks focus on authentication credentials to identify and remove all network, system and application access that does not require secure authentication credentials or mechanisms...

Comments  (0)

5c9886924588e138cc18290742c2095e

More on Twelve Character Passwords

October 05, 2010 Added by:Guy Huntington

Obtaining passwords is so easy using social engineering that it negates the use of a password with special characters and X length. When I go onto client sites one of the first things I do is look under keyboards, behind the screens etc, where I usually find the password written down...

Comments  (3)

Fc152e73692bc3c934d248f639d9e963

Do We Need Twelve Character Long Passwords?

October 02, 2010 Added by:PCI Guru

Are the days of eight character long passwords over? I have seen examples where current threats plus older threats could be used to compromise security. It was just all in how they were put together. It is very important that security professionals need to understand their opponent...

Comments  (5)

37d5f81e2277051bc17116221040d51c

Strong Passwords Are Not Enough

September 24, 2010 Added by:Robert Siciliano

Adding one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.It is just as important that your PC is free of malicious programs such as spyware and key-loggers. Beware of RATS a.k.a Remote Access Trojans...

Comments  (0)

E313765e3bec84b2852c1c758f7244b6

Passwords, Dinosaurs, and 8-Track Tapes

August 30, 2010 Added by:Brent Huston

It’s not just a matter of people using short, simple, stupid passwords any more. With advances in easily available and cheap computing power such as advanced graphics processors and solid state drives, even long and complex passwords can be cracked in seconds...

Comments  (2)

A88973e7d0943d295c99820ab9aeed27

Is There Such a Thing as the Perfect Password?

August 25, 2010 Added by:Simon Heron

Using a password by itself leaves the user wide open to abuse from keyloggers and phishing attacks. Add a token into the mix and it greatly reduces the risk of exploitation, as the hacker would have to be close enough to take the token from your possession...

Comments  (3)

46d1980e375ce08915b30d9a328c2fdc

Default, Blank and Weak Username/Passwords

July 22, 2010 Added by:Application Security, Inc.

Application Security, Inc.’s Team SHATTER has researched the Top 10 Database Vulnerabilities in order to you with the most up-to-date vulnerabilities, risk and remediation information. Today’s topic is Default, Blank & Weak Username/Passwords...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Google Hack Whacks Passwords

April 30, 2010 Added by:Robert Siciliano

Code named Gaia after “Greek Goddess of Earth” a Google single sign on password system was hacked in December. Google is a significant part of many individuals and businesses online activities. Millions rely on Google every day to be fast, functional and most important, secure. A breach such as this may erode the confidence of Google users, but for many, they have all their egg...

Comments  (2)

Dd9902bc56a9d85cdc62c00083ea4871

Passwords…Are they needed?

April 06, 2010 Added by:Katie Weaver-Johnson

This week I received an e-mail from a friend of mine saying he was in the UK to visit his ill sister and needed to borrow money…perhaps many of you have received an e-mail like this too?  In reality, my friend’s e-mail account had been hacked and the e-mail was a hoax.

Comments  (5)

7fef78c47060974e0b8392e305f0daf0

Where are the DBAs?

October 07, 2009 Added by:Infosec Island Admin

What I really want to know is this: Where are the Database Admins (DBAs) these days? I cant tell you how many times in the past 18 months that I’ve found real enterprises running vulnerable databases with default passwords, weak passwords and no real permissions management.

Comments  (3)

Page « < 8 - 9 - 10 - 11 - 12 > »