There has always been a hot topic of getting rid of SMS 2FA because of its insecurities. NIST was going to drop it from its recommendation but backed out after much controversy. Now in 2020, a Princeton University study has come out demonstrating how bad SMS 2FA can be exploited. They even went as far …
Here is what you need to do if your online accounts are being hacked. Need Help Creating Passwords? Use this to generate a random password. Right now the best thing you can do is use a password you’ve never used before. The reason we change your email password first is that it can be used …
It’s not every day I come across something so wrong about password managers that it moves me to write a response. Michael Horowitz writes the article in question, you can read it here The main point of the article is that password managers are bad, and using formula based passwords are good. I’ve already done …
Who do you trust more? 200 websites to store your passwords or yourself? If you’re not using a password manager, you’re trusting 200 websites* to secure your same or similar passwords. This is like living in a neighborhood where everyone’s house keys are the same. It’s only a matter of time before one house key …
If you don’t trust password managers or fear “putting all your eggs in one basket” then the peppering method is for you. Note: Peppering your passwords also have been called salting, secret salt, double-blind passwords, and password splitting but peppering is the more correct term so that is what we’ll use. How To Pepper Your …
What keeps people from using a password manager is the classic dilemma of “putting all your eggs in one basket“. Let me show you that keeping all your passwords in one basket is more logical then what you’re already doing. The Simple Solution Peppering your passwords solves the problem of “keeping all your eggs in …