Thursday, May 23, 2013

Passwords^13

YES, IT'S HAPPENING!

Las Vegas. July 30-31. Same time as Blackhat, overlapping slightly with BsidesLV and a few days before Defcon, where our friends at Korelogic will be running the annual CrackMeIfYouCan competition once again.
But please, do visit passwordscon.org to learn more. Call for presentations, venue, registration, SPONSORING.... My friend & password cracking partner Jeremi Gosney of Stricture Consulting Group runs the page, and does a fantastic job of "local" organization in the US / Las Vegas.

I hope to see you there! :-)

Password Crackers Hierarchy of Needs

[Click for full size]

Why SMS 2FA Twitter, WHY?

Dear Twitter,

Congratulations on adding 2-factor authentication, or "login verification" as you have named the baby. It's way overdue imho. With me being 1) one of those critizizing you for being slow with introducing 2FA, and 2) one of those who can't get it quite yet (As Norway and all telcos here doesn't exist in your settings universe quite yet), I do have some questions for you.