So, Tesco was hacked. Although there is no official word yet on how this happened, the chatter among people far smarter than me are suggesting the issue is related to passwords and the Tesco Club card.
I’m getting fed up with marketing that says “Passwords must die” only to present yet another solution that won’t replace them.
The challenge to solve is ubiquity – this is why passwords have stood the test of time, even with their obvious and proven shortcomings.
Dear Virgin Media
I recently decided it was time to change my password on my NTLWorld email account (managed by Virgin Media). I entered a new password only to be told “Password too long”. How long was my password? 11 characters. 10 characters are OK apparently. Continue reading “Why is my Password Too Long?”
At the Smart Homes and Building Association (SH&BA) “Smart Home Breakthrough Summit” last week, a new Cyber Security Manifesto was unveiled by CONTEXT, a leading European IT market analysis company, and the SH&BA Security Panel. Continue reading “The Smart Home Cyber Security Manifesto”
I’ve not blogged on two-factor authentication for a while – the roll out among major providers is encouraging – Come on Amazon and Virgin Media, it’s about time you stepped up.
Earlier in my career I had the privilege of working for Intercede, a company supplying smart card management systems. A core capability was the ability to manage the card lifecycle and credential lifecycle (e.g., PKI certificate), as distinct from other systems that manage credentials and placed them on cards without managing the card lifecycle. A part of the sales pitch was if you don’t manage the card lifecycle in the system, you will end up with a spreadsheet to manage the cards.
Continue reading “Smart Card Management – Choose your process carefully”
Readers of this blog will know that I am a strong advocate of two-factor authentication, commenting on it in various blog articles.
This article by Paul Moore caught my attention this week:
Continue reading “Does Two Factor Authentication Actually Weaken Security?”
Two-factor authentication and two-step verification are different things.
They are remarkably similar in concept, the difference being the trust model.
Continue reading “Independent Factors”
You will no doubt have seen by now the news that naughty photos of celebrities have appeared on the internet.
It’s the story that has everything – cyber security, the dangers of the cloud, online safety and a little bit of smut thrown in for good measure.