Microsoft - Research

Microsoft Password Guidance

This paper provides Microsoft’s recommendations for password management based on current research and lessons from our own experience as one of the largest Identity Providers (IdPs) in the world. It covers recommendations for end users and identity administrators.

Read More
MIT's Time-Sharing Computer

Passwords Evolved: Authentication Guidance for the Modern Era

Here’s the bigger picture of what all this guidance from governments and tech companies alike is recognising: security is increasingly about a composition of controls which when combined, improve the overall security posture of a service. What you’ll see across this post is a collection of recommendations which all help contribute to a more robust solution by virtue of complementing one another.

Read More
U.S. Dept. of Homeland Security - CyberSecurity and Infrastructure Security Agency - Logo

Home Network Security

Word to the Wise: A router comes configured with many vendor default settings. Many of these settings are public knowledge and make your router susceptible to attacks. Remember to change your router default log-in password during your initial setup!

Read More

Before You Use a Password Manager

Medium.. June 5, 2019
By Stuart Schechter

“I cringe when I hear self-proclaimed experts implore everyone to “use a password manager for all your passwords” and “turn on two-factor authentication for every site that offers it.” As most of us who perform user research in security quickly learn, advice that may protect one individual may harm another. Each person uses technology differently, has a unique set of skills, and faces different risks.”

Read More
William Hugh Murray

An Interview with William Hugh Murray – A discussion of the rapidly evolving realm of practical cyber security

Communications of the ACM, March 2019
By Peter J. Denning

“What has changed over those years is not the need for security, but the risks and costs of insecurity. It should be clear to a casual reader of the news, let alone those with access to intelligence sources, that what we are doing is not working. It is both costly and dangerous… Most of the resistance to using these practices comes from loss of convenience. Good security is not convenient. But it is absolutely necessary for the security of our assets and the reliability of the many critical systems on which we all depend.”

Read More