Here's Why Your Static Website Needs HTTPS

Troy Hunt

Even the government has been pushing to drive adoption of HTTPS for all sites, for example in this post by the National Cyber Security Centre in the UK: all websites should use HTTPS, even if they don't include private content, sign-in pages, or credit card details. Is it needed? Does it do any good?

Weekly Update 95

Troy Hunt

An Amazing Way to Deal with Change in Your Work and in Your Life. Your static website needs HTTPS (I kinda love this video, it was fun and the feedback has been sensational). For those struggling to accept the change, I suggest having a read of Who Moved My Cheese? References.

Padlocks, Phishing and Privacy; The Value Proposition of a VPN

Troy Hunt

I want a "secure by default" internet with all the things encrypted all the time such that people can move freely between networks without ever needing to care about who manages them or what they're doing with them. Here's the value proposition of a VPN in the modern era: 1. I mean what's the remaining gap?

I Now Own the Coinhive Domain. Here's How I'm Fighting Cryptojacking and Doing Good Things with Content Security Policies.

Troy Hunt

If you've landed on this page because you saw a strange message on a completely different website then followed a link to here, drop a note to the site owner and let them know what happened. Well naturally, you "Monetize Your Business with Your Users' CPU Power" which was Coinhive's modus operandi. The website is dead.

Why No HTTPS? Here's the World's Largest Websites Not Redirecting Insecure Requests to HTTPS

Troy Hunt

Make sure your site redirects to #HTTPS, so you don’t have the same problem. After all the advanced warnings combined with all we know to be bad about serving even static sites over HTTP, what sort of sites are left that are neglecting such a fundamental security and privacy basic? Cloudflare makes it easy! Data Source.

Serverless to the Max: Doing Big Things for Small Dollars with Cloudflare Workers and Azure Functions

Troy Hunt

This is a repository of 517M passwords from previous data breaches that organisations can refer to in order to stop people from using passwords which have previously been breached (the launch blog post talks about why that's important). Here's [link] running on the *free* plan: 99.0% cache hit ratio on requests and 99.5%

Here's Why [Insert Thing Here] Is Not a Password Killer

Troy Hunt

Often it's related to data breaches or sloppy behaviour on behalf of some online service playing fast and loose with HTTPS or passwords or some other easily observable security posture. But on a fairly regular basis, I get an email from someone which effectively boils down to this: Hey, have you seen [insert thing here]?