Security or convenience is no longer an acceptable trade-off when it comes to cybersecurity. They must be mutually inclusive, otherwise employees will circumvent security for their own personal convenience. NIST and Microsoft understands this to a degree, but in the latest NIST Password Guidelines SP 800-63-3 the recommendations favors password convenience over password security.
Posts Tagged: Passwords
Don’t kill passwords because the industry is confused between password authentication and password management.
Yes, Passwords are Secure! They are not going away; they can’t. The attacks we see daily is not a password authentication problem, but rather a password management nightmare. Has your organization put their employees into the role of Network Security Administrator? If you allow them to generate, remember, type, manage and know their logon passwordsRead… Read more »
Throughout the second quarter of 2015, the Center for Internet Security’s Multi-State Information Sharing and Analysis Center (MS-ISAC) noted a significant increase in the number of account compromises impacting state, local, tribal and territorial (SLTT) governments. What can you do to help minimize these account compromises?
OmniStudio is often asked if WordPress sites are more vulnerable to security breaches than other content management platforms. With all websites, even those run by Fortune 500 companies, the threat of hacking is ever present, regardless of the platform it’s built within. Professional website design and development firms who use open source platforms, like WordPress orRead… Read more »
When cracking passwords becomes as difficult as cracking keys, then passwords will be secure. When it comes to security implementations, there is a big difference between the theoretical and the practical. In the theoretical world all algorithms work flawlessly, there are no infrastructure vulnerabilities, and security protects against every attack. However, in the real worldRead… Read more »
By Dovell Bonnett, Founder and CEO, Access Smart, LLC In a world of ever-increasing cyber-attacks, IT invests massive amounts of time, energy and money to secure corporate networks and data. Because there are no silver bullets, many different security technologies attempt to address each potential threat. With so many different vulnerability points, the first lineRead… Read more »
To a computer, a key is a series of zeroes and ones used to authenticate knowledge of a secret to complete a requested task. To a computer, a password is a series of zeroes and ones used to authenticate knowledge of a secret to complete a requested task. Wait a minute; both a password and… Read more »
Everyone loves their downtime. However, what we don’t consider is the wasted time and productivity loss as we wait to get access to the things we need to do our jobs effectively. We’ve all experienced it before; as a user we need to request access, that request is routed to the appropriate approver, and dependingRead… Read more »
On January 12, a group claiming to be connected to ISIS hacked the Twitter and YouTube accounts of U.S. Central Command, also known as CENTCOM. If the military can be hacked, is your agency’s social media vulnerable to a hacker attack? How can your agency protect itself on social media? The hack of CENTCOM’s socialRead… Read more »