Welcome to HakProof.com. This site is my attempt to reach out beyond the physical classroom to the community at large to help each of you increase your personal SQ or Security Quotient. Today was my 12th visit to WHTC 1450 AM radio station in Holland Michigan to be a guest on the daily show, Talk of the Town.
Click on Link to access the Podcast, of my time on today’s show:http://whtc.com/podcasts/talk-of-the-town-today/99/updates-passwords-ai-james-allen-june-21/
New Password Guidelines by NIST
- New password guidelines say everything we thought about passwords is wrong
- DRAFT NIST Special Publication 800-63B: Digital Identity Guidelines
These guidelines are optional, yet often used, for non-governmental organizations.
- Three of the more relavent new password rules:
- No more periodic password changes – Many organizations and some websites often require frequent password changes to the frustrations of users. This new ruling eliminates this requirement. This does not eliminate the need to change passwords when a breach is suspected.
- No more imposed password complexity – The need for a password to have at least one lower case and upper case letters, a number and special characters is no longer a requirement. This does not mean that you are safe to use simple passwords.
- Mandatory validation of newly created passwords – In order to make up for the recinded complexity requirement, new passwords need to be validated against a large dictionary of known, easily hackable, passwords such as 12345678 or Pa$$w0rd.
- Password length is still critical part of a good password, the longer the better, with a minimum of 8 characters.
- The use of multi-factor authentication, is an important way to increase the strengh of a user name/password.
Electronic Restrictions on Airlines
“Why we can’t have nice things” (or take our nice things traveling with us)
- These restrictions only affect flights to the United States and Britain passing through ten airports located in eight Muslim-majority countries.
- Israei Cyberoperators infaltrated a small cell of extremist bomb makers working t0 create explosives that could pass through x-ray machines and other screening methods, by looking exactly like batteries in laptops.
- Cell phones are OK, but any electronic device larger than a smartphone has to be stowed in the baggage hold.
Microsoft Used Artificial Intelligence to Combat Global Tech Support Scams.
http://www.techrepublic.com/article/microsoft-used-ai-to-combat-global-tech-support-scams/
- Microsoft used AI to combat worldwide tech support scams as part of the FTC’s Operation Tech Trap.
- Machine learning was used to sort through content that was collected to determine if it was part of the fraudulent scams.
- The team also used Microsoft’s computer vision API to collect data like phone numbers from content associated with the scam.