Troy Hunt

DECEMBER 19, 2017

Back in September, a number of people pointed me at Experian's "FREE Dark Web Email Scan" (capitalisation is theirs, not mine) because on the surface of it, it seemed similar to my Have I Been Pwned (HIBP) service. Report URI needs a password as well because you need to be able to login. That is absolutely ridiculous!

Data breaches 53

Data breaches Personal data GDPR Data collection 53

KnowBe4

JULY 5, 2023

Use PasswordIQ to find which users are sharing passwords and which ones have weak passwords See the fully automated user provisioning and onboarding Find out how 60,000+ organizations have mobilized their end-users as their human firewall. Executive Reports - Create, tailor and deliver advanced executive-level reports NEW!

Phishing 81

Phishing Security awareness Passwords Computer and Electronics 81

Troy Hunt

DECEMBER 4, 2017

In this case, that secret is her password and, well, just read it: My staff log onto my computer on my desk with my login everyday. To be fair to Nadine, she's certainly not the only one handing her password out to other people. In fact I often forget my password and have to ask my staff what it is. No one else has access.

Passwords 81

Passwords Access Risk Security 81

Troy Hunt

JANUARY 16, 2019

Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. In total, there are 1,160,253,228 unique combinations of email addresses and passwords. This is when treating the password as case sensitive but the email address as not case sensitive. There are 21,222,975 unique passwords. It'll be 99.x%

Data breaches 112

Data breaches Passwords Risk Personal data 112

Troy Hunt

JUNE 15, 2023

Here's mine: One of the problems the dashboard approach helps tackle is unsubscribing on an individual domain basis. It was an all or nothing affair that nuked the lot of them whereas now, it's a domain-by-domain exercise. Email addresses were passed in and Twitter profiles returned. 98% were already in @haveibeenpwned.

IT 93

IT Cloud Mining Metadata 93

Robert's Db2

JUNE 6, 2013

In connecting to DB2, the application utilizes a particular ID and password. Ask each user to keep track of, and to use as appropriate, a RACF ID (and password) in addition to his or her network ID? That trusted context would define the circumstances in which the privileges granted to a role could be exercised by a user.

Authentication 48

Authentication Passwords Mining Access 48

ForAllSecure

MAY 2, 2023

That, of course, was not all, but it is an example of how someone -- anyone on the internet -- can take a photo or blog post or Yelp review from social media, or some other seemingly random open source item and tie it back to a crime. You had to figure out how to configure Kermit, get passwords to get on. Mine was 2000.

IT 40

IT Sales Security Honeypots 40