Blog

The Guy Who Invented Those Annoying Password Rules Now Regrets Wasting Your Time

Date Published: Wed, 9 Aug 2017 14:17:34 +0200

The Guy Who Invented Those Annoying Password Rules Now Regrets Wasting Your Time

We’ve all been forced to do it: create a password with at least so many characters, so many numbers, so many special characters, and maybe an uppercase letter. Guess what? The guy who invented these standards nearly 15 years ago now admits that they’re basically useless. He is also very sorry.

The man in question is Bill Burr, a former manager at the National Institute of Standards and Technology (NIST). In 2003, Burr drafted an eight-page guide on how to create secure passwords creatively called the “NIST Special Publication 800-63. Appendix A.” This became the document that would go on to more or less dictate password requirements on everything from email accounts to login pages to your online banking portal. All those rules about using uppercase letters and special characters and numbers—those are all because of Bill.

Simple math shows that a shorter password with wacky characters is much easier to crack than a long string of easy-to-remember words. This classic XKCD comic shows how four simple words create a passphrase that would take a computer 550 years to guess, while a nonsensical string of random characters would take approximately three days.

It's about the length and not the type of characters per se (yes a bigger source of characters is a bit more difficult, but the clincher is actually the length). Something not mentioned is this "need" to change a password every 30 days. Why would you do that if you could rather choose one good long password. The downside of the 30 day rule is users either then write the password down or they choose to just change one character....

See http://gizmodo.com/the-guy-who-invented-those-annoying-password-rules-now-1797643987
 

The Guy Who Invented Those Annoying Password Rules Now Regrets Wasting Your Time
We’ve all been forced to do it: create a password with at least so many characters, so many numbers, so many special characters, and maybe an uppercase letter. Guess what? The guy who invented these standards nearly 15 years ago now admits that they’re basically useless. He is also very sorry.

Source link

The Guy Who Invented Those Annoying Password Rules Now Regrets Wasting Your Time

Date Published: Wed, 9 Aug 2017 14:17:34 +0200

The Guy Who Invented Those Annoying Password Rules Now Regrets Wasting Your Time

We’ve all been forced to do it: create a password with at least so many characters, so many numbers, so many special characters, and maybe an uppercase letter. Guess what? The guy who invented these standards nearly 15 years ago now admits that they’re basically useless. He is also very sorry.

The man in question is Bill Burr, a former manager at the National Institute of Standards and Technology (NIST). In 2003, Burr drafted an eight-page guide on how to create secure passwords creatively called the “NIST Special Publication 800-63. Appendix A.” This became the document that would go on to more or less dictate password requirements on everything from email accounts to login pages to your online banking portal. All those rules about using uppercase letters and special characters and numbers—those are all because of Bill.

Simple math shows that a shorter password with wacky characters is much easier to crack than a long string of easy-to-remember words. This classic XKCD comic shows how four simple words create a passphrase that would take a computer 550 years to guess, while a nonsensical string of random characters would take approximately three days.

It's about the length and not the type of characters per se (yes a bigger source of characters is a bit more difficult, but the clincher is actually the length). Something not mentioned is this "need" to change a password every 30 days. Why would you do that if you could rather choose one good long password. The downside of the 30 day rule is users either then write the password down or they choose to just change one character....

See http://gizmodo.com/the-guy-who-invented-those-annoying-password-rules-now-1797643987
 

The Guy Who Invented Those Annoying Password Rules Now Regrets Wasting Your Time
We’ve all been forced to do it: create a password with at least so many characters, so many numbers, so many special characters, and maybe an uppercase letter. Guess what? The guy who invented these standards nearly 15 years ago now admits that they’re basically useless. He is also very sorry.

Source link

Dumping Windows and installing Linux Mint, in just 10 minutes

Date Published: Wed, 9 Aug 2017 13:15:14 +0200

[ad_1]

Dumping Windows and installing Linux Mint, in just 10 minutes

Interesting blow-by-blow account of one man's 10 min journey to install Linux Mint on his netbook. You can see exactly what is involved at http://www.zdnet.com/article/dumping-windows-and-installing-linux-mint-in-just-10-minutes/.

I had a similar experience a few years back with my Samsung netbook when I could not find all the Windows XP drivers for the camera and Ethernet adaptor, so I installed Ubuntu instead. Everything just worked out of the box and I was pretty impressed. I still use that netbook nearly 10 years later.

Dumping Windows and installing Linux Mint, in just 10 minutes | ZDNet
One of my netbooks needed refreshing, and I decided to dump Windows completely and install only Linux Mint. The entire process took 10 minutes. Here are the details.

[ad_2]

Source link

Dumping Windows and installing Linux Mint, in just 10 minutes

Date Published: Wed, 9 Aug 2017 13:15:14 +0200

[ad_1]

Dumping Windows and installing Linux Mint, in just 10 minutes

Interesting blow-by-blow account of one man's 10 min journey to install Linux Mint on his netbook. You can see exactly what is involved at http://www.zdnet.com/article/dumping-windows-and-installing-linux-mint-in-just-10-minutes/.

I had a similar experience a few years back with my Samsung netbook when I could not find all the Windows XP drivers for the camera and Ethernet adaptor, so I installed Ubuntu instead. Everything just worked out of the box and I was pretty impressed. I still use that netbook nearly 10 years later.

Dumping Windows and installing Linux Mint, in just 10 minutes | ZDNet
One of my netbooks needed refreshing, and I decided to dump Windows completely and install only Linux Mint. The entire process took 10 minutes. Here are the details.

[ad_2]

Source link

Sweden scrambles to tighten data security as scandal claims two ministers

Date Published: Tue, 8 Aug 2017 22:41:56 +0200

[ad_1]

Sweden scrambles to tighten data security as scandal claims two ministers

Sweden’s government has sought urgent assurances on data security from national agencies including the health, education and pensions services after a huge leak of private and sensitive information that has cost two ministers their jobs.

Amid reports by the Dagens Nyheter newspaper that confidential medical details were being handled by unscreened IT workers in Romania, the national broadcaster SVT said data outsourcing arrangements at six state agencies were being checked.

One transport agency official told police the data that IT workers in the Czech Republic, Serbia and Romania were processing without security clearance under the agreement was equivalent to “the keys to the kingdom”, Dagens Nyheter said.

Swedish IT experts told SVT the incident showed the government’s ignorance of how state agencies handle confidential and sensitive information. “This really shows their low level of expertise on how IT security is handled by the authorities,” said one consultant, Lars Mårelius.

See https://www.theguardian.com/technology/2017/aug/01/sweden-scrambles-to-tighten-data-security-as-scandal-claims-two-ministers

Sweden scrambles to tighten data security as scandal claims two ministers | World news | The Guardian

[ad_2]

Source link

Sweden scrambles to tighten data security as scandal claims two ministers

Date Published: Tue, 8 Aug 2017 22:41:56 +0200

[ad_1]

Sweden scrambles to tighten data security as scandal claims two ministers

Sweden’s government has sought urgent assurances on data security from national agencies including the health, education and pensions services after a huge leak of private and sensitive information that has cost two ministers their jobs.

Amid reports by the Dagens Nyheter newspaper that confidential medical details were being handled by unscreened IT workers in Romania, the national broadcaster SVT said data outsourcing arrangements at six state agencies were being checked.

One transport agency official told police the data that IT workers in the Czech Republic, Serbia and Romania were processing without security clearance under the agreement was equivalent to “the keys to the kingdom”, Dagens Nyheter said.

Swedish IT experts told SVT the incident showed the government’s ignorance of how state agencies handle confidential and sensitive information. “This really shows their low level of expertise on how IT security is handled by the authorities,” said one consultant, Lars Mårelius.

See https://www.theguardian.com/technology/2017/aug/01/sweden-scrambles-to-tighten-data-security-as-scandal-claims-two-ministers

Sweden scrambles to tighten data security as scandal claims two ministers | World news | The Guardian

[ad_2]

Source link

Replacement battery for my Google Nexus 6P phone arrived today, along with tools to do the job

Date Published: Tue, 8 Aug 2017 21:38:10 +0200

[ad_1]

Replacement battery for my Google Nexus 6P phone arrived today, along with tools to do the job

My phone also picked up the dreaded battery problem a few months back (it basically dies when the battery reaches 25%). As the battery is not normally replaceable, and an assortment of tools is required to do the job. So it all arrived today and I need to schedule the courage now to get it done. It will either be all better.... or all worse...

The battery is not available locally and neither were many of the tools... the price of buying imported phones without replaceable batteries.... but the freedom makes it worthwhile!

[ad_2]

Source link

Replacement battery for my Google Nexus 6P phone arrived today, along with tools to do the job

Date Published: Tue, 8 Aug 2017 21:38:10 +0200

[ad_1]

Replacement battery for my Google Nexus 6P phone arrived today, along with tools to do the job

My phone also picked up the dreaded battery problem a few months back (it basically dies when the battery reaches 25%). As the battery is not normally replaceable, and an assortment of tools is required to do the job. So it all arrived today and I need to schedule the courage now to get it done. It will either be all better.... or all worse...

The battery is not available locally and neither were many of the tools... the price of buying imported phones without replaceable batteries.... but the freedom makes it worthwhile!

[ad_2]

Source link

The cost the drought in Cape Town - our 5,000L water tank arrived today

Date Published: Tue, 8 Aug 2017 21:36:40 +0200

[ad_1]

The cost the drought in Cape Town - our 5,000L water tank arrived today

I'm really not looking forward to hauling this tank over the roof to get it into the back garden. But this will help save on us using drinking water for the garden, flushing toilets, etc.

[ad_2]

Source link

The cost the drought in Cape Town - our 5,000L water tank arrived today

Date Published: Tue, 8 Aug 2017 21:36:40 +0200

[ad_1]

The cost the drought in Cape Town - our 5,000L water tank arrived today

I'm really not looking forward to hauling this tank over the roof to get it into the back garden. But this will help save on us using drinking water for the garden, flushing toilets, etc.

[ad_2]

Source link

Subscribe to GadgeteerZA Blog Posts