password list Archives

Home » password list

Minor-League hacking in the MLB

Dave Farquhar Baseball, security June 17, 2015June 17, 2015breach, cardinals, FBI, license plate, Major League, password list, prison

So, about a year ago, the Houston Astros announced their internal player database had been breached. This week, more details emerged, pointing right at the St. Louis Cardinals.

It wasn’t a terribly sophisticated attack. You knew I’d write about this, but I’ll explore it from an IT security perspective more than from a baseball perspective.

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.

dfarq.homeip.net

Although it’s counterintuitive, AT&T’s new password policy makes sense

Dave Farquhar security April 4, 2013April 4, 2013AT&T, leaks, password list, password requirements, passwords

AT&T has a new password policy that forbids the use of certain common words in passwords, including some words of a colorful nature.

Yes, it reduces the number of possible passwords, but that isn’t exactly a bad thing.

Dave Farquhar

dfarq.homeip.net

The ethics of writing nefarious security instructions

Dave Farquhar security March 28, 2013March 25, 2013apple, Ars Technica, malware, oracle, password database, password list, passwords, unix

This week I posted a link to a video showing how to crack a WPS-enabled wifi network, and this week, Ars Technica wrote a firsthand account of cracking a password list. I’m sure this raises questions of ethics in some people’s minds. To be honest, spreading this kind of information makes me a little uncomfortable too, but I also think it’s necessary.

Dave Farquhar

dfarq.homeip.net

Ways to keep your password from being guessed–today

Dave Farquhar security August 23, 2012August 23, 2012AES, Ars Technica, excel, office 2007, password list, Password Safe, passwords, steve gibson, Two-factor authentication

Articles like Ars Technica’s Why passwords have never been weaker — and crackers have never been stronger are getting more and more common these days.

In a positive development, I don’t think the story had been live more than an hour or two before people started asking me questions. That’s good, because that tells me that people care.
Read more

Dave Farquhar

dfarq.homeip.net