In case you missed the memo passwords are important. Storing them in plain text where threat actors can eventually get access to them is a really bad thing. Misconfigured Firebase instances leaked 19 million plaintext passwords (bleepingcomputer.com) It is even worse if those passwords are associated with other sensitive information, …
If Microsoft can get it wrong…
It has emerged that senior executives at Microsoft had their emails hacked and monitored by Russian threat actors for nearly 2 months. Microsoft network breached through password-spraying by Russian-state hackers | Ars Technica The attack was not sophisticated. The threat actors – Midnight Blizzard – using nothing more than a …
More about passwords…
On Monday I ran a post about passkeys and the end of the password – but of course that is the future of cyber security, today we still depend on passwords. We all know a good password is a combination of upper and lower case letters with numbers and some …
Back to passwords. Again!
It looks like I cannot get away from articles about passwords, which is not really a bad thing as passwords are still fundamental to everyone’s cyber security. I often read in the cyber security technical press that cyber attacks on even the biggest organisations start with the compromise of a …
We have done passwords, now let’s do MFA
Following on from the Back-to-Basics Password Primer mini-series – my latest article on CyberAwake is discussing the basics of multi-factor authentication (MFA): Back to Basics – MFA – CyberAwake In the next part I am going to discuss some of the weaknesses in MFA as a cyber security tool. Back …
Where Do You Keep Your Passwords?
I was wondering what to write about this week for “The Wednesday Bit” – I knew it was not going to be passwords. I have had enough of that! I got started on a spin-off topic from an IT and Cyber Security Audit I am running at the moment about …
On the day I run a password primer this is in the news…
Over 40,000 admin portal accounts use ‘admin’ as a password It seems even administrators need to read my password primer. Back to Basics – A Password Primer