Tag Archives: Heartbleed

Biometrics do not solve password problems

21 Apr

One year on from the Heartbleed episode, we see more and more reports of passwords being stolen. Every time it happens some commentator or vendors will come forward and say biometrics are the answer.

They are not…

Continue reading

The 12 Themes of 2014

17 Dec

Rather than bring you the 12 Days of Christmas, we’ve done the 12 themes of 2014 instead! A look back at what has been making the headlines in the world of Information Security (and beyond) this year. Take a moment to relive the year……  Continue reading

Changing 40+ Passwords: Supplementary

22 Jul

In a previous blog series, I described my fun, games and gripes at changing 40+ passwords. Soon after the blog was posted, it struck me – there are yet more to change…

Continue reading

Virgin Media’s Super Hub breaks if you use a long password

27 Jun

While changing all my passwords, I decided to change my Virgin Media Super Hub password. Wish I hadn’t…

Continue reading

Security and Convenience: Natural Enemies or Strange Bedfellows?

19 Jun

I last blogged about Talk*InfoSec which happened on May 29th.

Continue reading

Changing 40+ Passwords: Alarm bells

27 May

Previously in this blog series, I looked at the process of changing and remembering 40+ passwords and recounted a few of the annoyances. In this final part, I document a big concern – in some cases changing my password was pointless (well, not quite but almost…)

Continue reading

Changing 40+ Passwords: Annoyances

20 May

In the first part of this blog series, I looked at the process of changing and remembering 40+ passwords. In this part, I recount a few of the annoyances I uncovered…
Continue reading

Changing 40+ Passwords: Thanks Heartbleed

13 May

Following the Heartbleed revelations, the security advice from the great and good was to change all passwords. To support World Password Day, I changed over 40 other them – quite an interesting exercise. Alarmingly, it appears I am still vulnerable.
Continue reading

Heartbleed – Can CRLs cope?

14 Apr

It has been shown that Heartbleed can be used to leak SSL private keys (if the attackers are lucky). So now many experts are recommending that you revoke and re-issue SSL certificates for your web server. Can the certificate revocation mechanism cope?
Continue reading

Heartbleed: Biometrics are not the answer

12 Apr

Following on from Heartbleed, there have been poorly judged calls from many to change all your passwords.
Continue reading