Last week I posted about reviewing passwords and mentioned using a password manager as part of that effort. DaniSQL noted in a comment a whitepaper about some browser vulnerabilities that can impact password managers – http://isecpartners.github.io/whitepapers/passwords/2013/11/05/Browser-Extension-Password-Managers.html. It’s a quick read and as always when we talk about security it often seems like can nothing be […]Read more "More on Password Managers"
I use a password manager and it currently has more than 150 accounts in it, ranging from my checking account and other personal stuff to logins to MSDN, various client VPN’s, and more. Almost all of the passwords are unique. Ideally they would be unique, but sometimes I sacrifice ease of use for maximum security. […]Read more "Schedule Time To Review Your Passwords & Using a Password Manager"
Something you have and something you know – that’s the heart of two-factor, sometimes called multi-factor, authentication. RSA was for years the most common. You use either the key fob hardware device or the software app to get a ‘code’ that you enter in addition to your ID and your (hopefully) strong password. The code […]Read more "Two-Factor Authentication"