Author, David Fletcher, Finding, Informational bad passwords, password, password policy, weak password

Finding: Weak Password Policy

David Fletcher// The weak password policy finding is typically an indicator of one of two conditions during a test: A password could be easily guessed using standard authentication mechanisms. A […]

Read the entire post here

Informational bad passwords, long passwords, password policy, passwords

An Open Letter about Big All-Powerful Company’s Password Policy

Kelsey Bellew // Dear Big All-Powerful Company, Your idea of a ‘strong password’ is flawed. When I first saw the following message, I laughed. I said out loud, “No, you […]

Read the entire post here

News bad passwords, bsides, CII, CII best practice badge, CONs, domain typo squatting, infosec cons, IoT, Lawrence's List, password fails, passwords, reverse engineering

Lawrence’s List 061016

Lawrence Hoffman // It’s been one of those crazy busy weeks. I always feel like I didn’t get enough time to read articles, surf Reddit, and attempt to keep up […]

Read the entire post here

Author, Brian King, Password Spray, Red Team bad passwords, password, passwords

Check\ Your\ Tools

Brian King // There’s a one-liner password spray script that a lot of folks use to see if anyone on a domain is using a bad password like LetMeIn! or […]

Read the entire post here