It has emerged that senior executives at Microsoft had their emails hacked and monitored by Russian threat actors for nearly 2 months. Microsoft network breached through password-spraying by Russian-state hackers | Ars Technica The attack was not sophisticated. The threat actors – Midnight Blizzard – using nothing more than a …
Time to kill off the password…
I have written about “going passwordless” and using passkeys before, but it looks like 2024 is going to be the year of the passkey. Here is an excellent explanation from the BBC – take just two and a half minutes and find out why you and your organisation need to …
Windows 11 will get a biometric uplift
Windows Hello, the biometric/PIN authentication and access tool, that ships with the latest versions of Windows installed on suitable hardware is expanding its supported operations. Windows 11 is getting a built-in passkey manager for Windows Hello (bleepingcomputer.com) A new passkey manager will enable the PIN or biometric sensors in your …
Authentication – Who Do You Let In?
Authentication, Authorisation and Accountability. This is the first part of a three-part series looking at the basics of the cyber security principle of “AAA”. Today we will start with Authentication It seems the easiest of principles. Everyone needs a username and password (credentials) to access any of your organisation’s systems. …
If you use KeePass it is good to know…
…it does not leak your master password any more! I have had a lot to say on the storage of your highly sensitive passwords – use an online bank if you must but also realise they are not perfect: KeePass v2.54 fixes bug that leaked cleartext master password (bleepingcomputer.com) I …