The Fifth Amendment to the US Constitution bars people from being forced to turn over personal passwords to police, the Pennsylvania Supreme Court ruled this week. Read More
Digest Article
Topic: Password Security
Password strength is a measure of the effectiveness of a password against guessing or brute-force attacks. In its usual form, it estimates how many trials an attacker who does not have direct access to the password would need, on average, to guess it correctly. The strength of a password is a function of length, complexity, and unpredictability.
Using strong passwords lowers overall risk of a security breach, but strong passwords do not replace the need for other effective security controls.
Digest Article
Clear and Creepy Danger of Machine Learning: Hacking Passwords
Not too long ago, it was considered state of the art research to make a computer distinguish cats vs dogs. Now image classification is 'Hello World' of Machine Learning (ML), something one can implement in just a few lines of code using TensorFlow. Read More
CSIAC Report
Security-Conscious Password Behavior from the End-User’s Perspective
Watch The CSIAC Podcast video on this Report: https://www.csiac.org/podcast/security-conscious-password-behavior/ Introduction Even though technical solutions for security problems are widespread, there are no adequate security measures against precarious user behavior. Even if hashing and encrypting are used correctly in masking the passwords, attackers Read More
Podcast
Security-Conscious Password Behavior from the End-User’s Perspective
Even though technical solutions for security problems are widespread, there are no adequate security measures against precarious user behavior. Even if hashing and encrypting are used correctly in masking the passwords, attackers can bypass these strongpoints by going for the weakest link. Most likely this will happen through sharing a password, using an Read More
Digest Article
Most Hacked Passwords Revealed as UK Cyber Survey Exposes Gaps in Online Security
The NCSC's first 'UK cyber survey' published alongside global password risk list. Read More
Digest Article
Microsoft Knows Password-Expiration Policies are Useless
Microsoft isn't doing away with its password-expiration policies across the board, but the blog post makes the company's stance clear: expiring passwords does little good. Read More
Digest Article
Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years
Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees - in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data. Read More
Podcast
Password Security
We are all overwhelmed with login credentials for our various personal and professional accounts. Having said that, so much important information relies on our ability to generate and maintain a secure password. In practice we find weaknesses in our own human nature is too often our worst enemy, not a malicious attacker. This video demonstrates the Read More
Digest Article
1.4 Billion Clear Text Credentials Discovered in a Single Database
A Massive Resource for Cybercriminals Makes it Easy to Access Billions of Credentials. Read More
Podcast
Account Security – Simple Steps to Online Safety
Protecting our various login credentials is both difficult and very important! Here are some useful tips for securing social media and email accounts: Create secure passphrases that are at least 12 characters in length Use different passphrases for each account Use a reputable password manager to keep track of your current passwords. Browse CSIAC Read More
Air Force Research Laboratory (AFRL)
Apple
Artificial Intelligence (AI)
Autonomy and Autonomous Systems
Biometrics
Cloud Computing
Critical Infrastructure Protection (CIP)
Cryptocurrency
Cryptography
cyberattack
Cyber Legislation
Cyber Physical Systems (CPSs)
Cybersecurity Training
Cyberwarfare
Cyber Workforce
Data Breach
Data Privacy
Data Security
Defense Technical Information Center (DTIC)
DoD Acquisition Lifecycle
Encryption
Industrial Control Systems (ICS)
Insider Threat
Internet of Things (IoT)
Intrusion Detection
Linux
Machine Learning (ML)
Malware
Microsoft
Mobile Security
National Cyber Security Awareness Month (NCSAM)
National Institute of Standards and Technology (NIST)
Network Security
Open Source Software
Operational Technology (OT)
Password Security
Phishing
Protecting Controlled Unclassified Information (CUI)
Quantum Computing
Ransomware
Risk Management Framework (RMF)
Secure Software
Software Assurance
Vulnerability
Workplace Security
