Some Good News in Security (for a change): Ersatz Passwords

Started by deanwebb, May 21, 2015, 04:25:30 PM

Previous topic - Next topic

deanwebb

https://threatpost.com/ersatz-scheme-deceives-hackers-protects-stored-passwords/112973

Basically, hackers that are running cracking programs against a system using ersatz passwords *must* have access to the account database hardware to know if they have a successful crack. I like this.

Of course, it still doesn't cure the following kind of stupid:

"Do you have a secure password?"
"I sure do."
"I don't believe it."
"No, it is really secure."
"Really?"
"Yes."
"Tell it to me."
"Sure, it's g&HHX43#19BRee549^."
"Wow, I stand corrected, that is pretty secure."
"Told you so."
:doh:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.

NetworkGroover

Quote from: deanwebb on May 21, 2015, 04:25:30 PM
https://threatpost.com/ersatz-scheme-deceives-hackers-protects-stored-passwords/112973

Basically, hackers that are running cracking programs against a system using ersatz passwords *must* have access to the account database hardware to know if they have a successful crack. I like this.

Of course, it still doesn't cure the following kind of stupid:

"Do you have a secure password?"
"I sure do."
"I don't believe it."
"No, it is really secure."
"Really?"
"Yes."
"Tell it to me."
"Sure, it's g&HHX43#19BRee549^."
"Wow, I stand corrected, that is pretty secure."
"Told you so."
:doh:

Yep!  I'm not a security guy, but I ran into a guy at Starbucks who was wearing a shirt that literally had me laughing out loud.  I was walking past him and the front of his shirt said, "Social Engineering Specialist".  Naturally I'm like, "Oh cool, an IT guy.", so I turned around to look back and the back of his shirt said, " Because there is no patch for human stupidity."

:rofl:
Engineer by day, DJ by night, family first always

hizzo3



Quote from: AspiringNetworker on May 21, 2015, 05:02:24 PM
Yep!  I'm not a security guy, but I ran into a guy at Starbucks who was wearing a shirt that literally had me laughing out loud.  I was walking past him and the front of his shirt said, "Social Engineering Specialist".  Naturally I'm like, "Oh cool, an IT guy.", so I turned around to look back and the back of his shirt said, " Because there is no patch for human stupidity."

:rofl:
That is awesome. I want that t-shirt