password strength Archives

Home » password strength

What can I do to improve the security of my digital information?

Dave Farquhar security March 11, 2017August 12, 20181990s, Adobe Reader, apple, computer security, Libre Office, Microsoft Office, office 2007, password strength, passwords, toshiba, USB flash drive, Western Digital

On Monday, March 13 at approximately 10:30 AM CST, I will be appearing on KFUO Radio’s Faith and Family program to discuss home computer security with host Andy Bates. One of the questions he’s planning to ask: “What can I do to improve the security of my digital information?”

This, fortunately, may be the easiest question to answer and the easiest step to implement.

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.

dfarq.homeip.net

You need a Yubikey.

Dave Farquhar security November 14, 2013computer security, lowercase letters, marx, password database, password strength, passwords, Two-factor authentication, usb port, yahoo

I mentioned the Yubikey as the ultimate solution stolen passwords on the excellent Yahoo Marx Train forum, and another member asked me to elaborate on it. Rather than take up a lot of space with some off-topic discussion, I decided it would be better to write about it here.

The Yubikey is the best solution I’ve seen yet for the problem of remembering passwords. I am a computer security professional by trade, but I will try to avoid as much techno-jargon as I can, and explain what I do use.

Dave Farquhar

dfarq.homeip.net

Why your favorite web site’s password strength meter is full of hooey

Dave Farquhar security May 29, 2013November 29, 2018Ars Technica, password strength, passwords, randomness

Ars Technica talked three password crackers into doing their worst to a leaked database of 16,000 passwords, to see what they could learn.

They learned a lot, and we can learn a lot from their experience as well. “qeadzcwrsfxv1331” isn’t a good password. Neither is “Philippians4:13.” Neither is “correcthorsebatterystaple.” Neither is “Qbesancon321” or “Qbe$@ncon321.” Password guessing has too much intelligence built into it now.

And not only that, by continuing to use the password “popcorn,” you make it easier for those guys to guess other passwords too. Read more

Dave Farquhar

dfarq.homeip.net

How to pick a decent password

Dave Farquhar security March 6, 2013March 5, 20131990s, decent password, mainframe, password strength, passwords

Although I write about passwords about 8 times a week, it seems, it occurs to me that I haven’t–at least not recently, that I can find–written about how to make up a halfway decent password.

So, here’s how to make a decent–I won’t say great–password.

Dave Farquhar

dfarq.homeip.net

Some lessons from cracking the compromised Linkedin password database

Dave Farquhar security June 12, 2012command prompt, decent password, LinkedIn, password database, password requirements, password strength, passwords, randomness

Here’s a blow-by-blow account of a security researcher’s attempts to crack the compromised Linkedin database. This is a very good example of ethical hacking.
Read more

Dave Farquhar

dfarq.homeip.net