Time flies when you're having fun. Measure spiders when you're not.
At the end of August 2024, NIST issued some new guidance documentation (SP-800). Of specific interest are their recommendations around passwords (in SP-800-63B) – because they conflict with what many organisations actually do, and address a few bugbears of mine. Even with widespread adoption of Multi-Factor Authentication (MFA), passwords are not dead & buried yet.
You may have seen a few previous articles of mine on locks; this and this talk about one type of mechanical keysafe. This talks about master keying systems and their inherent vulnerabilities. I find locks fascinating from an information point of view. And today I’m looking at the human side of these common devices. You’ll