- Comms
- Law
- Medic
- News
- Opinion
- Threat Watch
- Training
- Warrior Tools
- Accessories
- Ammo
- Body Armor
- Books
- Clothing
- Commo
- Gear
- Handguns
- Holsters
- Knives
- Long Guns
- ACC
- Accuracy International
- Barrett
- Benelli
- Beretta
- Blaser
- Bushmaster
- Custom
- CZ
- Desert Tactical Arms
- DPMS
- FN
- Forums
- HK
- IWI
- Kel-Tec Long Guns
- LaRue
- LWRC
- McMillan
- Mosin Nagant
- Mossberg
- Para
- Remington
- Rock River Arms
- Ruger Long Guns
- Sabre Defense
- Sako
- SIG Sauer
- SKS
- Smith & Wesson Long Guns
- Springfield
- Styer
- Weatherby
- Wilson Combat
- Winchester
- Magazines
- Maintenance
- Navigation
- Optics
- Sights
- Tech
- Warriors
Posts Tagged passwords
Choosing A Strong Password Is Easier Than You Think
Posted by Brian in Tech, Threat Watch on 8/Aug/2016 07:00
From EFF:
Randomly-generated passphrases offer a major security upgrade over user-chosen passwords. Estimating the difficulty of guessing or cracking a human-chosen password is very difficult. It was the primary topic of my own PhD thesis and remains an active area of research. (One of many difficulties when people choose passwords themselves is that people aren’t very good at making random, unpredictable choices.)
Measuring the security of a randomly-generated passphrase is easy. The most common approach to randomly-generated passphrases (immortalized by XKCD) is to simply choose several words from a list of words, at random. The more words you choose, or the longer the list, the harder it is to crack. Looking at it mathematically, for k words chosen from a list of length n, there are kn possible passphrases of this type. It will take an adversary about kn/2 guesses on average to crack this passphrase. This leaves a big question, though: where do we get a list of words suitable for passphrases, and how do we choose the length of that list?
In general choosing four five-letter words is better than one long word with number substitutions and some weird characters thrown in. It’s easier to remember and vastly harder for a computer to guess.
Sharing Passwords May Now Be A Crime
From Motherboard:
At issue is language in the CFAA that makes it illegal to access a computer system “without authorization.†McKeown said that “without authorization†is “an unambiguous, non-technical term that, given its plain and ordinary meaning, means accessing a protected computer without permission.†The question that legal scholars, groups such as the Electronic Frontier Foundation, and dissenting judge Stephen Reinhardt ask is an important one: Authorization from who?
Andriod Backup Services May Not Be Secure
If you use an Android device you may want to review how you store your settings and passwords.
From the Electronic Frontier Foundation:
If you have a recent Android phone or tablet, chances are you take advantage of a convenient feature to backup your application settings and wireless network passwords. This feature is enabled by default in Android 2.2 and later, and it can make switching to a new device or replacing a lost phone a quicker process. If you haven’t examined all the settings for your phone, you might not know if this setting is enabled.
Creating and Managing Passwords: How the Experts Do It
Posted by Brian in Comms, Opinion, Threat Watch on 15/Jul/2013 12:12
From Ars Technica:
I recently checked in with five security experts to learn about their approach to choosing and storing crack-resistant passwords. They include renowned cryptographer Bruce Schneier, who is a “security futurologist” at BT and recently joined the Electronic Frontier Foundation’s board of directors; Adriel T. Desautels, CEO of Netragard, a firm that gets paid to hack large companies and then tell them how it was done; Jeremiah Grossman, founder and CTO of WhiteHat Security; Jeffrey Goldberg, “defender against the dark arts” at AgileBits, a company that develops the popular 1Password password manager; and Jeremi Gosney, a password security expert at Stricture Consulting.