Thursday, November 26, 2009

Why history may be bad for you

Search, and you shall find loads of people doing password analysis on the Internet. There's been several high profile attacks against websites, resulting in the compromise and public disclosure of user IDs and password hashes (or worse; passwords in clear-text). I've read many of these, and there are several issues not being addressed or even mentioned in the analysis performed even by people such as Bruce Schneier (whom i really respect, don't get me wrong!).

Saturday, November 21, 2009

Guarding your usernames

Everyone tells you that your password is secret, and that you should never EVER share it with anyone, period. Well, if you're married (like i am), i wouldn't be all to surprised if your other half knows your #PIN (=password) for your VISA/AMEX/Mastercard, and probably a few other cards or online services as well. So much for the recommendation of not sharing your password (a PIN code is a password). Of course you're paranoid about your own security, but what about him/her?

Thursday, November 19, 2009

Welcome / ground rules

Hi, and welcome to my blog. I've set up this blog in order to write about my "current" obsession within security: passwords. I've been doing personal "research" on this for some 8-9 years now, and I've got lots of stuff that i would like to share with the community. Other topics may be discussed as well of course. Just remember this: what i write here is my own opinion, period.