tag:blogger.com,1999:blog-71370316232328186362024-03-13T16:31:40.655-07:00Deadbolt Password Generator BlogUnknownnoreply@blogger.comBlogger6125tag:blogger.com,1999:blog-7137031623232818636.post-49640473307668561652012-06-08T01:46:00.002-07:002012-06-08T01:46:09.798-07:00Last.fm Recommend Password Change After LeakMusic site Last.fm is recommending that users<a href="http://www.last.fm/passwordsecurity" target="_blank"> change their passwords immediately</a> after some passwords have apparently been leaked. This follows professional social networking site LinkedIn, and eHarmony suffering a similar problem.<div>
<br /></div>
<div>
While the Last.fm passwords have yet to turn up on any web site, they take privacy very seriously and are recommending immediate action.</div>
<div>
<br /></div>
<div>
Remember when changing your password you need a strong one - ideally containing combinations of lower/upper case letters, numbers and characters. Use <a href="http://www.deadboltpasswordgenerator.com/" target="_blank">Deadbolt Password Generator</a> to <a href="http://www.deadboltpasswordgenerator.com/" target="_blank">turn your memorable phrases into strong passwords</a> to make them easier to remember.</div>
<div>
<br /></div>
<div>
Strong passwords will keep you safe from hash dictionary attacks which users of LinkedIn <a href="http://blog.deadboltpasswordgenerator.com/2012/06/linkedin-passwords-leaked.html" target="_blank">were recently left vulnerable for</a>, but as always, never reveal your passwords to anyone, and never write them down.</div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7137031623232818636.post-60506824737137224152012-06-06T12:14:00.004-07:002012-06-06T12:14:54.490-07:00LinkedIn Passwords LeakedLinkedIn users are being advised to change their passwords today after a file has appeared on a Russian web site containing hashed passwords of millions of users.<br />
<br />
Whilst the passwords are hashed (a non-reversible process that obscures the password for storage purposes), this can still pose a problem for those of you with commonly used passwords such as 'password' or '1234' etc. Hackers have a dictionary of hashes for common passwords and can match these against any of the exposed details to gain access to your account and to your contacts.<br />
<br />
As always, choosing a strong password is essential to stay safe on-line and protect your details. Use <a href="http://www.deadboltpasswordgenerator.com/" target="_blank">Deadbolt Password Generator</a> to turn memorable phrases into strong passwords that are secured from this kind of attack.<br />
<br />
Don't get caught out - <a href="http://www.deadboltpasswordgenerator.com/" target="_blank">act now</a>!Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-7137031623232818636.post-47355915217806799402011-12-06T08:09:00.001-08:002011-12-06T10:35:17.180-08:00Deadbolt gets a new lookIt's been a while, and the current interface is looking a bit stale. The new version is fully backwards compatible but things are laid out a little differently.<br />
<br />
------------------<br />
<br />
<b>What's New:</b><br />
<b><br /></b><br />
General new look and feel:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHCn4J9C774WQLat0BYdN8IbWL-zRELrv0A0VsUqP1OkB1Na9NgdfvCCeACDMnaisuSjQS50SaVI8RVHJdlDX56j_WzAsHwM2I3e77tii-shIYeXnaRs-NJLRMipn6V4A_DUo18qcmU_g/s1600/Deadbolt+Password+Generator.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="189" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiHCn4J9C774WQLat0BYdN8IbWL-zRELrv0A0VsUqP1OkB1Na9NgdfvCCeACDMnaisuSjQS50SaVI8RVHJdlDX56j_WzAsHwM2I3e77tii-shIYeXnaRs-NJLRMipn6V4A_DUo18qcmU_g/s320/Deadbolt+Password+Generator.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
PIN Number is now entered on a keypad with the mouse, to make entry simpler:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIe65Ba6ADkjmYSTAXLFsr5OXvCszuK3rZQAiI3ic1tS-4asZEjcsKgigMa7X3WqW7x6FBhpE0FZDVtfp9OVsMrd8sVseTGRryAQlnoxPfiszREFvhE71p8vBu7pZh4JfCJUd8XLryO3s/s1600/pin.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="244" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgIe65Ba6ADkjmYSTAXLFsr5OXvCszuK3rZQAiI3ic1tS-4asZEjcsKgigMa7X3WqW7x6FBhpE0FZDVtfp9OVsMrd8sVseTGRryAQlnoxPfiszREFvhE71p8vBu7pZh4JfCJUd8XLryO3s/s320/pin.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Memorable phrases can now be masked or entered in plain text, to ensure no typos are made when they are first entered:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTzo1CeT8oErfDxt9xkb7D_TI6cPmePYX1dmhCTnVGDpuutE9zzdFMQ0b2H8bXvSLdRPTdDuSs5dQjCXDxLbeGpTzgDZEe9ToVcfmnoYBmwvE2SD57ijEG9-cqqp8TBtaUKXIeTx7HLwQ/s1600/plain+text.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="192" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTzo1CeT8oErfDxt9xkb7D_TI6cPmePYX1dmhCTnVGDpuutE9zzdFMQ0b2H8bXvSLdRPTdDuSs5dQjCXDxLbeGpTzgDZEe9ToVcfmnoYBmwvE2SD57ijEG9-cqqp8TBtaUKXIeTx7HLwQ/s320/plain+text.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
New font for password reveal, making it more readable and easier to distinguish between zero and the letter 'O':</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcOiEmRfNaBeoLiLT8SGcwgZA5Rudr0Jo8VaRYBC1J_RnLieT3MgUcRZN1VAU5Udv_0V3GjVj_kly83k0u74LqN-hrZ6L_m2hUoXf2JEhyZ2JATOi2nPL3rFQ2kf9-uzlOmPQi-adesOE/s1600/font.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="52" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjcOiEmRfNaBeoLiLT8SGcwgZA5Rudr0Jo8VaRYBC1J_RnLieT3MgUcRZN1VAU5Udv_0V3GjVj_kly83k0u74LqN-hrZ6L_m2hUoXf2JEhyZ2JATOi2nPL3rFQ2kf9-uzlOmPQi-adesOE/s320/font.png" width="320" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
------------------</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
This is not live on the actual site yet, however for those of you eager to give it a try, please visit the <a href="http://www.deadboltpasswordgenerator.com/beta.htm" target="_blank">the beta site</a> for a sneak preview. Please also use the comments section on this blog to leave feedback about the new look.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Thanks, and stay safe!</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>Unknownnoreply@blogger.com1tag:blogger.com,1999:blog-7137031623232818636.post-43758858001859629022011-02-06T14:39:00.000-08:002011-02-06T14:39:07.406-08:00Dealing with 3D SecureIf you've shopped online recently you should already be familiar with 3D Secure, even if you don't know what it is. It's the recent initiative by credit card companies to enhance the security of online transactions.<br />
<br />
<b>How does it work?</b><br />
<b><br />
</b><br />
Well, without getting too technical, you are required to register a password with the issuing bank (usually by providing some personal information such as a date of birth) which you enter each time a transaction is made. Most online retailers insert an additional step into the checkout process which opens an iFrame containing a form hosted on the bank's servers - for example:<br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2E4KWf2RIYViRjhjriuN8VyEnFb7rZpmXIIOqP_VCm7_QGeO2XRdy1alBrMfcP2ADuhrMaoB1gvZ283-1YUOqebSGzXnc8Japyf-gpnQ1iW0gJn_eRYVPTBXlGmuYnNlihW-OF865eZQ/s1600/fin_3dsec.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2E4KWf2RIYViRjhjriuN8VyEnFb7rZpmXIIOqP_VCm7_QGeO2XRdy1alBrMfcP2ADuhrMaoB1gvZ283-1YUOqebSGzXnc8Japyf-gpnQ1iW0gJn_eRYVPTBXlGmuYnNlihW-OF865eZQ/s320/fin_3dsec.png" width="296" /></a></div><div class="separator" style="clear: both; text-align: center;"><br />
</div><div class="separator" style="clear: both; text-align: left;"><b>What's your problem with 3D Secure?</b></div><div class="separator" style="clear: both; text-align: left;"><br />
</div><div class="separator" style="clear: both; text-align: left;">Whilst I advocate any attempt to make online security better, it's still not ideal:</div><div class="separator" style="clear: both; text-align: left;"></div><ul><li><i>It's generally implemented as an iframe</i><br />
Most merchants don't like you to leave their site, and prefer their branding to remain intact, so they open them in an iframe. This is fine in principal, but since iframes open other web sites, and you don't directly see the URL - how do you know for sure that the page is coming from the bank's server?</li>
<li><i>Password reset mechanism</i><br />
This has been <a href="http://www.theregister.co.uk/2008/10/23/vbyv_password_reset/">widely acknowledged</a> as a flaw. Sometimes, along with the card details, a date of birth is all that is required to proceed.</li>
<li><i>It's yet another password to remember</i><br />
This isn't a flaw, but I'm willing to put good money on the fact most people choose something very simple for their password, or use the same password as they do for every other site on the web!</li>
<li><i>It complicates the checkout process</i><br />
Most merchants are reluctant to use this feature in their checkout, as they send their buyers off site at the most critical phase of their purchase. Buyers first have to remember their password, and then count out the characters on their fingers trying to remember what the third, fourth, and seventh characters are.</li>
</ul><div><b>How can the process be made simpler?</b></div><div><b><br />
</b></div><div>Whilst we can't change the bank's process, we can change our own behaviour, and address the last two points.</div><div><br />
</div><div>Using Deadbolt Password Generator we can <a href="http://www.deadboltpasswordgenerator.com/">create strong passwords from easily memorable phrases</a>, and also take advantage of a nice feature which splits the characters up so you don't have to count on your fingers any more!</div><br />
<br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOfULXCHQF9pyykAwYMCCgLllONGXpSwiPXx217oJ_6BK6tm3G7WnLGJxvwIRBwceYJon2Cfi6SwtQw5WEO2wcD8uwtW9T4vOXx0vRpUObfRsZnMe915DAmAIzu0hmcq47kvnYQe27l5E/s1600/chars.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="165" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOfULXCHQF9pyykAwYMCCgLllONGXpSwiPXx217oJ_6BK6tm3G7WnLGJxvwIRBwceYJon2Cfi6SwtQw5WEO2wcD8uwtW9T4vOXx0vRpUObfRsZnMe915DAmAIzu0hmcq47kvnYQe27l5E/s400/chars.png" width="400" /></a></div><div class="separator" style="clear: both; text-align: center;"><br />
</div><div class="separator" style="clear: both; text-align: left;">So there you have it - a secure memorable password with a simpler entry system.</div><div class="separator" style="clear: both; text-align: left;"><br />
</div><div class="separator" style="clear: both; text-align: left;">Stay safe.</div>Unknownnoreply@blogger.com0tag:blogger.com,1999:blog-7137031623232818636.post-54533325116368416362011-01-28T14:31:00.000-08:002011-01-28T14:31:33.913-08:00Amazon Password SecurityI found an interesting article today on CNET, regarding an <a href="http://crave.cnet.co.uk/gadgets/older-amazon-passwords-have-an-interesting-flaw-50002387/">interesting flaw</a> in older account's password storage.<br />
<br />
It appears that only the first eight characters of the password are of any relevance, and any characters that follow are irrelevant. What does that mean for us? Well, you should probably give it a try to see if it is affecting your account, as the password you are using may not be as secure as you think. Apparently, it is only affecting older accounts, so <a href="http://www.deadboltpasswordgenerator.com/">generate yourself a fresh password</a> just to be sure.<br />
<br />
Stay safe.Unknownnoreply@blogger.com2tag:blogger.com,1999:blog-7137031623232818636.post-38114931145529388512011-01-20T14:27:00.000-08:002011-01-20T14:27:18.047-08:00Welcome to the Deadbolt Password Generator security blogAnother day. Another social network site hacked. Another exposé on common passwords used by users. Another 'shock' to discover that not only are the most common passwords painfully simple, they are also in use by almost every site used by that person.<br />
<br />
In the modern world though, individuals are expected to remember passwords for social sites, blogs, bank accounts, shopping sites, etc. - it's almost impossible to remember different ones for each, and even harder to come up with ones that are strong enough to resist brute force attacks.<br />
<br />
It's no surprise that people use simple passwords as they are easier to remember than strong passwords, and who wants to go through the inevitable 'forgotten password' process every time they log in?<br />
<br />
<a href="http://www.deadboltpasswordgenerator.com/">Deadbolt Password Generator</a> aims to make this process simpler by generating a strong password from a simple, memorable pass phrase. It's a free online service, that aims to make the web a simpler, safer place. This blog will be updated with security tips and advice to help you along the way.<br />
<br />
Please give it a try, and feel free to offer any feedback or ideas for improvements.<br />
<br />
Stay safe.Unknownnoreply@blogger.com4