Security Basics
Bank Of Montreal Online Security Oct 26 2012 07:07PM
mrtolton gmail com (1 replies)
RE: Bank Of Montreal Online Security Oct 29 2012 02:05PM
Trey Keifer (trey keifer wireharbor com) (1 replies)
RE: Bank Of Montreal Online Security Oct 29 2012 08:19PM
Alexander A. Kelner (a kelner noc brsi ru) (1 replies)
RE: Bank Of Montreal Online Security Oct 31 2012 02:26PM
Dave Kleiman (dave davekleiman com) (1 replies)
RE: Bank Of Montreal Online Security Oct 31 2012 08:49PM
Alexander A. Kelner (a kelner noc brsi ru) (2 replies)
Re: Bank Of Montreal Online Security Nov 01 2012 02:57PM
Juan F. Campos - Computalleres.com (jfcampos computalleres com) (1 replies)
Re: Bank Of Montreal Online Security Nov 01 2012 06:23PM
Alexander A. Kelner (a kelner noc brsi ru)
Re: Bank Of Montreal Online Security Nov 01 2012 01:53PM
Alexander Meesters (a meesters sansyl com) (2 replies)
RE: Bank Of Montreal Online Security Nov 01 2012 04:24PM
Hough, Kenneth P (kenneth phough WPI EDU) (1 replies)
RE: Bank Of Montreal Online Security Nov 01 2012 06:31PM
Alexander A. Kelner (a kelner noc brsi ru) (1 replies)
Re: Bank Of Montreal Online Security Nov 01 2012 08:36PM
Michael Peppard (mpeppard impole com) (1 replies)
Re: Bank Of Montreal Online Security Nov 02 2012 05:09AM
Davin Enigl (davinenigl comcast net) (1 replies)
RE: Bank Of Montreal Online Security Nov 02 2012 10:01AM
Mike Vella (mike bakerross co uk)
Re: Bank Of Montreal Online Security Nov 01 2012 04:12PM
Davin Enigl (davinenigl comcast net)
After all the discussion such as this:

On 11/01/2012 06:53 AM, Alexander Meesters wrote:
> Yes, it's very easy to remember, but I think this method for password
> setting is not as strong as it may appears :-)
>
> The phrase "Which password length is more secure - that is a question"
> contains not 58 "random chars", but 11 only, because each word must be
> considered as a single symbol in the vocabulary, say for brute force attack.

Passwords are obsolete because of replay attack. Why not simply use one
of the many one-time-password tokens now available? If you want to add a
password in front of that in case the token is stolen, OK.

The bottom line continues to be use s, hash and double salt.

Better than that, use that long high-entropy password as a
pre-authentication password before either a static Yubikey for
two-factor authentication or a one-time-code Yubikey, best. Or something
similar to a Yubikey, that is time-based (eBay/PayPal).

Naked passwords are on LIFE-SUPPORT and dying fast.

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus