Bruce Schneier of course does it better justice than I ever could, but there was a great paper released that looks at passwords through a modern lens: Do Strong Web Passwords Accomplish Anything? Today's attack vectors are different--phishing is preferred over brute-force attacks, etc. Much like how Mr. Schneier likes to remind us that if you put up a strong front door using strong cryptography, attackers will just find a way around the door. They seek the path of least resistance. I was very encouraged to read the linked paper, so I wanted to pass it along who might not have caught it on slashdot.org. I think the use of passwords needs serious re-examination as far as what is trying to be accomplished, and this paper fuels a much-needed discussion.
« Are policies mandatory and guidelines optional? | Main | Calabrese’s Razor Metric »
14 July 2009
Comments
Search
Categories
- Center for Cyber Safety and Education (52)
- Cloud Security (137)
- Cybersecurity Certifications (387)
- Cybersecurity Training (315)
- Cybersecurity Workforce (254)
- Digital Forensics (30)
- Ethics (53)
- Government (127)
- Insider Risk (57)
- ISC2 Chapters (22)
- ISC2 Events (166)
- IT Security (389)
- Legal (46)
- Malware (116)
- Network Security (178)
- Operations Security (144)
- Privacy (117)
- Ransomware (90)
- Risk (204)
- Software Development (46)
- Spotlight (71)