#Tag
This piece by @Edent is more than three years old but it contains plenty of good points about digital continuity and contingency.
https://shkspr.mobi/blog/2022/06/ive-locked-myself-out-of-my-digital-life/
This piece by @Edent is more than three years old but it contains plenty of good points about digital continuity and contingency.
https://shkspr.mobi/blog/2022/06/ive-locked-myself-out-of-my-digital-life/
"We tend to assume that the younger generations online are digital natives — having grown up immersed in the online world, they possess an innate understanding of cybersecurity and its risks.
However, our research has debunked this misconception: In fact, the password habits of an 18-year-old are strikingly similar to those of an 80-year-old."
"We tend to assume that the younger generations online are digital natives — having grown up immersed in the online world, they possess an innate understanding of cybersecurity and its risks.
However, our research has debunked this misconception: In fact, the password habits of an 18-year-old are strikingly similar to those of an 80-year-old."
Thieves steal $100M in jewels from Louvre after museum used own name as surveillance password.
French cybersecurity audit revealed museum ran outdated Windows Server 2003 software with unguarded rooftop access
https://www.foxnews.com/tech/thieves-steal-100m-jewels-from-louvre-after-museum-used-own-name-surveillance-password #globalmuseum #museums #Louvre #security #passwords
Distributed.net stores #passwords in plain text. I just received the following email.
@iMeddles the problem is not the nature of any of the authentication devices but rather the fact that you're losing the multi in multi-factor authentication.
With multi-factor authentication, if someone steals my security key, they still need to guess my #passwords. If someone cracks my passwords, they still need to get their hands on my key.
With #passkeys, this is no longer true and all your authentication and identity is rolled into one device that if compromised, compromises everything. #MFA
Password mangers are essential for protecting your digital identity! 🔒🔑
Which password manager do you use? & if you're not using one yet, take a look at the top 3 password managers for 2025.
Yes, password managers are important, and so is digital sovereignty — especially in these troubling times. That’s why it’s crucial to choose a password manager that operates outside the jurisdictions of the United States, Russia, and China
Heylogin — Germany, Europe
https://www.heylogin.com
pCloud Passwords — Switzerland Europe
https://www.pcloud.com/pass.html
Locker Password Manager — Vietnam, Asia
https://locker.io
Proton Pass vs BitWarden. Experience/opinions please?
Proton Pass vs BitWarden. Experience/opinions please?
I'm tired of web sites inflicting known-bad rules on passwords. Like what characters are required, or minimum length.
https://pages.nist.gov/800-63-4/sp800-63b/passwords/
https://www.schneier.com/blog/archives/2024/09/nist-recommends-some-common-sense-password-rules.html
https://tuta.com/blog/minimum-password-length
TL;DR: don't require specific classes of characters, require at least 15 characters.
I'd go for a minimum length of at least 16, myself. Brute force guessing is a thing and is dealt with by using longer passwords.
Any web site that doesn't follow these is just security incompetent.
I'm tired of web sites inflicting known-bad rules on passwords. Like what characters are required, or minimum length.
https://pages.nist.gov/800-63-4/sp800-63b/passwords/
https://www.schneier.com/blog/archives/2024/09/nist-recommends-some-common-sense-password-rules.html
https://tuta.com/blog/minimum-password-length
TL;DR: don't require specific classes of characters, require at least 15 characters.
I'd go for a minimum length of at least 16, myself. Brute force guessing is a thing and is dealt with by using longer passwords.
Any web site that doesn't follow these is just security incompetent.
Apparently there was a security leak at Paypal, so suggestion to change your password FAST and slap MFA on it if you don't have it yet.
Do note: passwords can't be longer than 20 characters and a hyphen is not allowed.
Hello security...
Boosts appreciated.
References:
https://cybernews.com/security/paypal-credential-dump-hacker-claims/
Are you using a password manager from
@1password, @bitwarden, @dashlane, #EnPass, #iCloud Passwords, @KeeperSecurity, #LastPass, @nordpass @protonprivacy or @roboform ?
Then you better check this and make sure that your web browser extension is up to date: https://marektoth.com/blog/dom-based-extension-clickjacking/
Why security experts recommend standalone password managers over browser-based options
Why security experts recommend standalone password managers over browser-based options
It's heartwarming to a greying geek that a 5000+ words retrospective on greytrapping is turning out to be popular - https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)
#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime
It's heartwarming to a greying geek that a 5000+ words retrospective on greytrapping is turning out to be popular - https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)
#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime
A space for Bonfire maintainers and contributors to communicate
