Home Tags Password

Tag: password

password is a word or string of characters used for user authentication to prove identity or access approval to gain access to a resource (example: an access code is a type of password), which is to be kept secret from those not allowed access.

The use of passwords is known to be ancient. Sentries would challenge those wishing to enter an area or approaching it to supply a password or watchword, and would only allow a person or group to pass if they knew the password. In modern times, user names and passwords are commonly used by people during a log in process that controls access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. A typical computer user has passwords for many purposes: logging into accounts, retrieving e-mail, accessing applications, databases, networks, web sites, and even reading the morning newspaper online.

Despite the name, there is no need for passwords to be actual words; indeed passwords which are not actual words may be harder to guess, a desirable property. Some passwords are formed from multiple words and may more accurately be called a passphrase. The terms passcode and passkey are sometimes used when the secret information is purely numeric, such as the personal identification number (PIN) commonly used for ATM access. Passwords are generally short enough to be easily memorized and typed.

Most organizations specify a password policy that sets requirements for the composition and usage of passwords, typically dictating minimum length, required categories (e.g. upper and lower case, numbers, and special characters), prohibited elements (e.g. own name, date of birth, address, telephone number). Some governments have national authentication frameworks that define requirements for user authentication to government services, including requirements for passwords.

Honeypots and the Internet of Things

According to Gartner, there are currently over 6 billion IoT devices on the planet. Such a huge number of potentially vulnerable gadgets could not possibly go unnoticed by cybercriminals. As of May 2017, Kaspersky Lab’s collections included several thousand different malware samples for IoT devices, about half of which were detected in 2017.

Advanced CIA firmware has been infecting Wi-Fi routers for years

Latest Vault7 release exposes network-spying operation CIA kept secret since 2007.

Login-stealing phishing sites conceal their evil with lots of hyphens in...

Compromised domains target Android users with fake login pages for cloud services.

Nigerian phishing: Industrial companies under attack

In late 2016, the Kaspersky Lab Industrial Control Systems Cyber Emergency Response Team reported on phishing attacks that were primarily targeting industrial companies from the metallurgy, electric power, construction, engineering and other sectors.

As further research demonstrated, this was just part of a bigger story that began much earlier and is unlikely to end any time soon.

Georgia’s voting system is uniquely vulnerable to election-tampering hackers

Report uncovers a litany of lapses in voting system used state wide.

Two Tickets as Bait

Over the previous weekend, social networks were hit with a wave of posts that falsely claimed that major airlines were giving away tickets for free. Users from all over the world became involved in this: they published posts that mentioned Emirates, Air France, Aeroflot, S7 Airline, Eva Air, Turkish Airlines, Air Asia, Air India, and other companies.

The dumbest passwords people still use

Everybody knows that 12345 is a bad password.

But what they're using instead isn't much stronger

VU#251927: CalAmp LMU-3030 devices may not authenticate SMS interface

OBD-II devices are used to provide telematics information for managers of fleets of vehicles. One type of device,manufactured by CalAmp,has an SMS(text message)interface. We have found multiple deployments where no password was configured for this interface by the integrator/reseller.

Companies using the CalAmp hardware should be aware that they need to set a password or disable SMS.
Vendors were notified and the SMS interface was disabled or password-protected by all vendors known to be affected.

VU#350135: Various WiMAX routers contain a authentication bypass vulnerability in custom...

WiMAX routers from several vendors making use of a custom httpd plugin for libmtk are vulnerable to an authentication bypass allowing a remote,unauthenticated attacker to change the administrator password on the device.

50% off SanDisk Extreme PRO 128GB USB 3.0 Flash Drive, Speeds...

The SanDisk Extreme PRO USB 3.0 Flash Drive features a sizable 128GB of storage, and read speeds of up to 260MB/s lets you easily transfer a full-length movie in seconds. The sophisticated design and durable aluminum metal casing help to protect against every day wear and tear on the outside, while the included SanDisk SecureAccess software provides 128-bit AES file encryption and password protection on the inside for your private files.

The SanDisk Extreme PRO USB 3.0 Flash Drive is backed with a lifetime limited warranty.
It currently averages 4.6 out of 5 stars on Amazon from over 550 people (80% rate the full 5 stars: seenbsp;reviews here), and its typical list price has been reduced a generous 54% to just $64.99.
See this deal on Amazon.To read this article in full or to leave a comment, please click here