Password cracking by the book is expensive, complicated and difficult to scale. Trying to crack passwords on laptops is comparatively slow and unhelpful. Investing in a rack of Nvidia graphics cards to do all the heavy lifting is so costly that the added value is nearly impossible to communicate. At the end of March, Ryan Basden, Manager of Cyber Risk at […]
Or: how I learned to stop worrying and love AWS GPU clusters.
Passwords are terrible.
And I don’t mean just your Netflix password or your home Wi-Fi password. I’m talking about passwords as […]
How to keep the keys to the kingdom from escaping the kingdom.
Proper password management is a huge step that an organization can take to strengthen security. It also addresses multiple criteria for all the major security frameworks. For example, see examples from ISO 27001 and SOC 2 as of the date of this writing:
ISO 27001 A9.4.2: Where required by the access […]
Last week I helped a few friends with setting up a new website for their business and their associated email accounts for the domain. At one point in the process, one of them told me the password they wanted to use to access the site. Not shockingly, it was something rudimentary and simple.
Despite more and more of us being educated on […]
Data breaches are a dime a dozen these days. But when hackers steal databases full of customer info, login names and passwords, the passwords themselves aren’t usually sitting out in plain sight. Typically the passwords will be cryptographically hashed.
Hashing a password is the process of taking a string of any length (the password in this example) and producing a fixed length […]