Tag: password security

  • NCSC Feed: The problems with forcing regular password expiry

    Source URL: https://www.ncsc.gov.uk/blog-post/problems-forcing-regular-password-expiry Source: NCSC Feed Title: The problems with forcing regular password expiry Feedly Summary: Why the NCSC decided to advise against this long-established security guideline. AI Summary and Description: Yes Summary: The article discusses the shift away from mandatory password expiry policies, advocating instead for user-friendliness and better detection methods to improve security.…

  • The Register: Medusa ransomware group claims attack on UK’s Gateshead Council

    Source URL: https://www.theregister.com/2025/01/17/gateshead_council_cybersecurity_incident/ Source: The Register Title: Medusa ransomware group claims attack on UK’s Gateshead Council Feedly Summary: Pastes allegedly stolen documents on leak site with £600K demand Another year and yet another UK local authority has been pwned by a ransomware crew. This time it’s Gateshead Council in North East England at the hands…

  • NCSC Feed: Three random words or #thinkrandom

    Source URL: https://www.ncsc.gov.uk/blog-post/three-random-words-or-thinkrandom-0 Source: NCSC Feed Title: Three random words or #thinkrandom Feedly Summary: Ian M discusses what makes a good password AI Summary and Description: Yes Summary: The provided text discusses password security, specifically the process of hashing passwords to protect them from unauthorized access. It highlights the methods cybercriminals might use to compromise…

  • Microsoft Security Blog: Convincing a billion users to love passkeys: UX design insights from Microsoft to boost adoption and security

    Source URL: https://www.microsoft.com/en-us/security/blog/2024/12/12/convincing-a-billion-users-to-love-passkeys-ux-design-insights-from-microsoft-to-boost-adoption-and-security/ Source: Microsoft Security Blog Title: Convincing a billion users to love passkeys: UX design insights from Microsoft to boost adoption and security Feedly Summary: Passkeys offer faster, safer sign-ins than passwords. Microsoft encourages users to adopt passkeys for improved security and convenience. The post Convincing a billion users to love passkeys: UX…

  • Schneier on Security: Good Essay on the History of Bad Password Policies

    Source URL: https://www.schneier.com/blog/archives/2024/11/good-essay-on-the-history-of-bad-password-policies.html Source: Schneier on Security Title: Good Essay on the History of Bad Password Policies Feedly Summary: Stuart Schechter makes some good points on the history of bad password policies: Morris and Thompson’s work brought much-needed data to highlight a problem that lots of people suspected was bad, but that had not been…

  • CSA: The New NIST Password Guidelines & Cloud Security

    Source URL: https://cloudsecurityalliance.org/articles/what-do-the-new-nist-password-guidelines-mean-for-cloud-security Source: CSA Title: The New NIST Password Guidelines & Cloud Security Feedly Summary: AI Summary and Description: Yes Summary: The text provides an insightful overview of the evolution and modern challenges of password security, particularly in the context of cloud computing. The updates from NIST suggest a significant shift in password policy,…

  • Schneier on Security: IoT Devices in Password-Spraying Botnet

    Source URL: https://www.schneier.com/blog/archives/2024/11/iot-devices-in-password-spraying-botnet.html Source: Schneier on Security Title: IoT Devices in Password-Spraying Botnet Feedly Summary: Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: “Any threat actor…