Notices by Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)
-
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Monday, 08-Jan-2024 13:15:19 JST Anthony Collette :donor: / Loistava -
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Friday, 01-Dec-2023 01:29:11 JST Anthony Collette :donor: / Loistava From Polish cybersecurity expert Jakub Płuska, this fun SOC LEGO set concept. Gotta love those facial expressions!
-
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Sunday, 12-Nov-2023 08:10:49 JST Anthony Collette :donor: / Loistava -
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Saturday, 28-Oct-2023 21:26:00 JST Anthony Collette :donor: / Loistava -
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Saturday, 28-Oct-2023 11:18:37 JST Anthony Collette :donor: / Loistava -
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Sunday, 24-Sep-2023 17:49:18 JST Anthony Collette :donor: / Loistava -
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Tuesday, 06-Jun-2023 17:00:17 JST Anthony Collette :donor: / Loistava -
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Tuesday, 09-May-2023 09:02:01 JST Anthony Collette :donor: / Loistava Data
Information
Knowledge
Insight
WisdomThen things go off the rails . . . .
-
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Tuesday, 09-May-2023 09:01:59 JST Anthony Collette :donor: / Loistava -
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Tuesday, 09-May-2023 08:58:24 JST Anthony Collette :donor: / Loistava @Brahn Oh, awesome. Glad you found it.
As non-tech folks, my partner and I immediately encountered a surprising variety of opinion related to issues that ordinary consumers encounter.
So we tried very hard to look past all the opinions, and find some pieces of bedrock truth. Sort of looking for "dots" and finding ways to connect them. And thankfully there's the clear guidance from EFF, which any consumer can understand and apply.
If you notice anything I post that doesn't make sense, or seems off, please don't hesitate to point it out.
I'm not so much defending a point of view, as digging around looking for reliable bits of reality. Especially when those pieces of reality are actionable by ordinary consumers.
-
Embed this notice
Anthony Collette :donor: / Loistava (anthonycollette@infosec.exchange)'s status on Tuesday, 09-May-2023 08:58:19 JST Anthony Collette :donor: / Loistava “DIGITAL GARLIC” SCARES AWAY HACKERS
Time Management for Hackers
Attackers don’t bother brute-forcing passwords that are long or passwords that contain special characters.
Every one of us — hackers included — only have 24 hours in every day. So how do criminal hackers make the best use of their time when brute-forcing passwords?
Microsoft researcher Ross Bevington analyzed the usernames and passwords hackers entered from over 25 million brute-force attacks.
Here's the breakdown of 30 days' worth of attacks against passwords:
➡️ 6% attacked passwords over 10 characters in length.
➡️ 7% attacked passwords which included special characters.
➡️ 39% attacked passwords with numbers in them.
➡️ 0% attacked passwords with spaces.Hackers definitely *stayed away* from passwords which were longer (94% of the time), and they *didn't bother* spending much time cracking passwords which contained special characters (only 7% of the time).
Probably because of the common use of numbers at the end of passwords, hackers definitely honed in on digits.
But hackers *didn't even attempt* brute-forcing passwords with spaces, most likely because including spaces in passwords is still fairly uncommon.
From the article written by Catalin Cimpanu:
"The researchers' findings suggest that longer passwords that include special characters are most likely safe from the vast majority of brute-force attacks, as long as they haven't been leaked online and are part of attackers' brute-forcing dictionaries."
Should we include special characters (including spaces) in our passwords?
Here we have high-quality evidence collected by Microsoft at scale. It shows decisively that password length and the inclusion of special characters act like digital garlic, keeping the vampires and werewolves at bay — keeping the bad guys away from our online accounts.
How do ordinary consumers get this “digital garlic” in an easy way? They use a Password Manager.
https://therecord.media/attackers-dont-bother-brute-forcing-long-passwords-microsoft-engineer-says/
#Passwords
#PasswordManagers
#ComplexPasswords
#SpecialCharactersInPasswords
#TimeManagementForHackers
#DigitalGarlic
#Microsoft