When LastPass reset their MFA security they locked their clients out as well as the threat actors. LastPass users furious after being locked out due to MFA resets (bleepingcomputer.com) Your takeaway LastPass is a good way to keep your passwords secure – but you are giving LastPass or other password …
Authentication – Who Do You Let In?
Authentication, Authorisation and Accountability. This is the first part of a three-part series looking at the basics of the cyber security principle of “AAA”. Today we will start with Authentication It seems the easiest of principles. Everyone needs a username and password (credentials) to access any of your organisation’s systems. …
If you use KeePass it is good to know…
…it does not leak your master password any more! I have had a lot to say on the storage of your highly sensitive passwords – use an online bank if you must but also realise they are not perfect: KeePass v2.54 fixes bug that leaked cleartext master password (bleepingcomputer.com) I …
Passwordless is coming – Google says so
Here is a keynote article from Google looking at the steps it is taking to make the online experience safer. Google I/O 2023: New features to improve online safety (blog.google) It is worth the read as it does illustrate what the threats and risks are when operating online – both …
Passwordless Google Accounts
I’m in. I have written about passwordlessness (I probably made that word up!) before. Eliminating the password makes it much harder for threat actors to compromise your security, exploit stolen credentials and gain unauthorised access to systems such as Microsoft and now Google: Google adds passkeys support for passwordless sign-in …
