Dogbert the Security Consultant Strikes Again: Online Storage of Passwords
Ok maybe I need to rethink associating all Online Password Storage groups in the same realm as Dogbert. Think think think think…hmmmm….NOPE!
A nice aspect of the blog that I put out for me is the backend shows me where a referral comes from and recently one came from http://www.notsorelevant.com/2008-01-30/is-giving-away-passwords-cool-again/ while the information with in the [...]
Concerns: More on Password Cracking
I was talking with a coworker the other day about password cracking and I wanted to write up another post regarding that conversation and Michael Coates comments on a previous article that I wrote.
http://secauditor.wordpress.com/2008/02/21/what-is-more-important-password-expiration-complexity-or-something-else/
There are two main areas that must be looked at anytime an organization enters into password cracking. First is the [...]
What is more important password expiration, complexity or something else?
I was holding a conversation today about password expiration and I have decided it isn’t so much about the password strength or the time between password changes. Looking at it passwords are a primary method used to control access to resources. Because authenticated access is seldom logged, a compromised password is a way to [...]
Read Full Post | Make a Comment ( 2 so far )Utilizing winexe to create a backdoor
On Thursday of this week I was fortunate enough to work along side a colleague of mine as we were conducting a forensic investigation. We had retrieved a active laptop and wanted to conduct a live memory dump of the system. Unfortunately there was a password on the screen saver and we didn’t [...]
Read Full Post | Make a Comment ( 6 so far )
