Password Management Best Practices: Stemming the Tide

This one is geared to all you IT professionals out there who are looking to create a strong, effective, and simple to manage password policy.  We’ve talked before about password best practices, and what not to do.  If you want some more information on that particular subject, check out some of the information provided by the security experts over at PortalGuard.  Today, however, we’re going to look at the password policy in some more detail to figure out what password management best practices are the most effective in actual use. 

Top 5 SSO Security Advantages

Behold the power of one password. That's right, password. No longer are you faced with a plethora of login credentials that you know you will never remember. That vicious cycle of helpdesk calls followed by daily account lockouts has finally come to an end. It sounds like you’ve found yourself a single sign-on (SSO) solution and you’re ready to embrace the convenience. After all, convenience was your primary reason for adopting such a technology, was it not? I’ll let you get back to me on that one. In the meantime, let’s take a look at SSO security, a hot topic among the information security community and what more and more IT decision makers are referring to as their “primary motive” for deploying SSO.

What Star Wars Taught Me About Information Security

A belated May the 4^th to all of you Star Wars Fans out there! If you’ve never seen Star Wars: a New Hope, then beware: Spoilers ahead (also, you should go watch that.  Seriously, go now.  We can talk after).  Obviously, one of our favorite topics here at HackerAttacker is security in all its shapes and forms.  We’ve talked about various hackers, how to hack the government, and even how hacking is like picking a lock.  One thing that I never really take into consideration, however, is how much security is thrown in our faces throughout pop culture.  I’m not just talking about advanced techniques seen in movies like Mission Impossible or James Bond; I’m talking about popular culture both old and new.  Specifically, how Star Wars taught me more about information security than most any actual course or class ever could. 

War is Changing: Digital Authentication and Security Solutions

War is changing.  We’ve talked about this before, but the state of war between nations is evolving every day. What once was a sequence of battles between armies, marching in line towards each other, has now become a digital minefield of secrecy, deception, and cyber attacks.  It’s one of the age-old ideas for inventors and other entrepreneurs: give me something that will make life easier, and I’ll show you the next great weapon.  Recently, the White House (you know, the place where all of the people that run things tend to go) was victim of a long-standing, brutal cyber attack.  Sure, the various sources say that nothing ‘Top Secret’ was made available to the public or the attackers, but that doesn’t do much to make me feel better.  I don’t know about you, but I’m left wondering: what did they get? I guess, in a way, the next leap my mind makes is towards digital authentication and security solutions. 

The Secret is Out!

Who does not love a good secret? Being in on a secret is exciting! You know something that someone else does not know; you are instantly special and separated from the pack. Congratulations! But what if that secret is crap? A false façade someone has put up to cover up the truth or to mislead you to think differently about the person or situation.

Deception is real and happens every day. Everywhere you look there is deception being played out.

The guy sitting next to you right now, is that his real hair color? Are your neighbors really happily married? Did we really land on the moon? Is global warming real? Did Al Gore really invent the Internet? Is the dress black and blue or white and gold? What should I believe is the truth?

FREAK and Geeks: Attack and Defense

The Best Offense is a Good Defense

Glass houses are always the worst choice to live in; unless, of course, you want to share your most private secrets with your neighbors.  Most people prefer a house with stronger, thicker, and less ‘see all’ walls where they can protect themselves and their personal information.  Neighbors can throw stones all they want, but they’re not going to crack the walls of an ancient, brick-mortar Victorian. 

It’s an issue as old as time: people will always want to protect their personal data from prying eyes.  Whether that means a thicker flap over the entrance to a straw hut, or a high-end security system that monitors every entrance and exit to a mansion on a hill. But as Hollywood has shown us time and again, where there is extra security, there is usually somebody trying to take what’s hiding inside. 

The digital age has only exacerbated this issue for most users and companies around the world.  The stronger the information security in place, the more vigorous hackers attack in order to find out what is hiding behind the high stone walls on the top of the hill.  Every so often, these hackers find a spot where the mortar is weak, and they drill and drill, under cover of night, until a hole is formed. Then, just out of sight, they sneak in and quietly make away with everything you value most.  So how do you stop somebody coming through the walls around your data? Find the holes, and seal them back up.