| M | T | W | T | F | S | S |
|---|---|---|---|---|---|---|
| « Feb | ||||||
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 7 | 8 | 9 | 10 | 11 | 12 | 13 |
| 14 | 15 | 16 | 17 | 18 | 19 | 20 |
| 21 | 22 | 23 | 24 | 25 | 26 | 27 |
| 28 | 29 | 30 | 31 | |||
I recently posted about password length vs. complexity vs. two-factor authentication. But passwords will be around for quite a while, so what are some of the things security professionals can do to keep passwords up to snuff? One of the ways is obviously to enforce password length and complexity, but politics don’t always let that happen.  So many security shops simply […] ↓ Read the rest of this entry…
Roger Grimes has an article at InfoWorld about the size of passwords versus the complexity. I agree with Roger’s assertion that password length is the better than complexity. I have been told by many a security consultant to make the third character a special character, or make the fifth character uppercase, blah blah blah. This […] ↓ Read the rest of this entry…
For my blogging friends out there using WordPress, take serious note of this post from Darknet. Seems like all versions of WordPress below 2.0.3 are vulnerable (2.0.4 should be coming out very soon) to a flaw in the Subscriber functionality. If you require people to register before they can comment, then you need to make […] ↓ Read the rest of this entry…
Just got through reading this article at Security Focus. So basically, fuzzers are becoming more and more prominent in finding flaws in applications (they have been around a while, but they are now gaining notoriety with the general populace). More and more flaws are coming out on all sorts of applications, but the main focus […] ↓ Read the rest of this entry…
Bear with me here. I drove a tank in my Army days, and one of the things I learned was that the M1A1 Abrams tank was built with a low profile so it would be less visible to the enemy. But notice one word in that sentence: enemy. You don’t build it with a low […] ↓ Read the rest of this entry…
So the question is this: who is to blame when a crime is committed? Do you convict the gun or the crook when he robs a bank? Do you convict the crowbar or the crook when he pries open the door to a home and steals the jewelry? Do you convict the brick or the crook […] ↓ Read the rest of this entry…
I have posted a couple of times on how to be a successful security admin / manager (here and here). Well, here is another one (ok, enough of the groans). So, here is today’s advice: stick with the tried and true security. There are methods of security that have been tested for quite a while […] ↓ Read the rest of this entry…
I have to make some comments on this post I found on a law blog I peruse. I know this is not directly related to Information Security, but it related to security in general, so I have to make some comments. Basically, the author of this post (Dan Filler) is making the argument that the […] ↓ Read the rest of this entry…
©0-2012 An Information Security Place | Powered by WordPress with Easel | Subscribe: RSS | Back to Top ↑