Security Flaws

respectyoda

respectyoda

Active Member
Joined
Sep 26, 2004
Messages
1,251
Reaction score
4
Even though this article is less than two years old, this shows the importance of taking the proper steps to securing our accounts that can be accessed online.

Security Flaws
 
lol that poor bastard. that's why dozens of my accounts have different passwords and have multi-layered security protocols. and all accounts have different security questions, different answers, different etc.

that poor bastard's amazon account got hacked and then the entire building came crumbling down on him.

non-essential accounts especially social medias are not daisy-chained with my high-sensitive accounts. I don't keep anything essential in any cloud site.
 
Jiro said:
lol that poor bastard. that's why dozens of my accounts have different passwords and have multi-layered security protocols. and all accounts have different security questions, different answers, different etc.

that poor bastard's amazon account got hacked and then the entire building came crumbling down on him.

non-essential accounts especially social medias are not daisy-chained with my high-sensitive accounts. I don't keep anything essential in any cloud site.
Click to expand...

It is good your accounts have different passwords and multi-layered security protocols.

I look for the day when most, if not all, security will be biometric-based. At work, to clock in and out, there is a biometric machine that detects one's fingerprints.

Know what the bittersweet irony is in that article? The author who wrote of his fateful day being hacked happened to be a tech-journalist!
 
respectyoda said:
It is good your accounts have different passwords and multi-layered security protocols.

I look for the day when most, if not all, security will be biometric-based. At work, to clock in and out, there is a biometric machine that detects one's fingerprints.

Know what the bittersweet irony is in that article? The author who wrote of his fateful day being hacked happened to be a tech-journalist!
Click to expand...

I'm not a supporter of biometric-based.
 
Jiro said:
I'm not a supporter of biometric-based.
Click to expand...

Why are you not a supporter of biometric-based security? Are you afraid someone may chop off your hand and use it on a biometric-based security gadget that you frequently use? Ha.

This just made me think of the movie - Minority Report.
 
respectyoda said:
Why are you not a supporter of biometric-based security? Are you afraid someone may chop off your hand and use it on a biometric-based security gadget that you frequently use? Ha.

This just made me think of the movie - Minority Report.
Click to expand...

lol

passwords will always be hacked. if you got hacked and a hacker got ahold of your biometric information... that's gonna make this security flaws look like a pick-a-nose. you do realize that if all accounts are biometric-based.... that's just one password for everything.

the more convenience it is to access your account, the easier it is to hack your account. obviously - the best security practice is usually difficult, inconvenient, and pain-in-the-ass like memorizing different password for each account, setting up multi-layered protocols, etc.

the best approach is to develop a robust security software and probably a device with you that rotates codes. personally - I like the android's pattern lock.
 
Jiro said:
lol

passwords will always be hacked. if you got hacked and a hacker got ahold of your biometric information... that's gonna make this security flaws look like a pick-a-nose. you do realize that if all accounts are biometric-based.... that's just one password for everything.

the more convenience it is to access your account, the easier it is to hack your account. obviously - the best security practice is usually difficult, inconvenient, and pain-in-the-ass like memorizing different password for each account, setting up multi-layered protocols, etc.

the best approach is to develop a robust security software and probably a device with you that rotates codes. personally - I like the android's pattern lock.
Click to expand...

Biometric-based security is stronger than password-based security. This is because biometrics rely on our biological traits that make us unique. Take fingerprints for instance. No one can hack our fingerprints unless they chomp off our hands. However, with password-based security, there are complex algorithms that use brute-force. I am appalled when people use common and simple passwords such as "12345" or "password". What is ideal and doesn't cost much would be two-factor authentication.

I do like Android's pattern lock too even though I don't have an Android phone.

The one of the best security plans that can be implemented if passwords are being used is to force the user to change passwords every number of days (i.e. 30 days or 60 days) and the new passwords cannot be the same as the ones used in the last 120 days or so.

Another would be to enforce strong passwords that cannot be easily cracked. Algorithms such as using regular expressions can be useful in detecting the strength of password an user is creating to sign up for an account and informing the user how to make it stronger if it is weak before allowing the user to register.
 
respectyoda said:
Biometric-based security is stronger than password-based security. This is because biometrics rely on our biological traits that make us unique. Take fingerprints for instance. No one can hack our fingerprints unless they chomp off our hands. However, with password-based security, there are complex algorithms that use brute-force. I am appalled when people use common and simple passwords such as "12345" or "password". What is ideal and doesn't cost much would be two-factor authentication.

I do like Android's pattern lock too even though I don't have an Android phone.

The one of the best security plans that can be implemented if passwords are being used is to force the user to change passwords every number of days (i.e. 30 days or 60 days) and the new passwords cannot be the same as the ones used in the last 120 days or so.

Another would be to enforce strong passwords that cannot be easily cracked. Algorithms such as using regular expressions can be useful in detecting the strength of password an user is creating to sign up for an account and informing the user how to make it stronger if it is weak before allowing the user to register.
Click to expand...

it's still hackable. like I said - once a hacker has hacked into any account (Target, Walmart, Amazon, etc.).... they now have a copy of your biometric information and that means they can access ANY of your account with ease.

biometric password = all eggs in one basket.

the most practical solution now is to carry a "password" card or install an app in your smartphone that would rotate password every few minutes. Google does this.
 
h440D4E17
 
Yes, this is true. There is no such thing as fool-proof security out there. Having a fool proof security is a dream, that is all… Wake up!

You see, what happened at Target is that customers like everybody else swiped the card at Target payment terminal. Somehow there is a link connected to HVAC contractor server where they got hacked went straight to the card swipe machines and pick up all the information, like your credit card number, AVS, full name, address, and so on… Viola! all information needed, charge more! That broken link was not supposed to happen, but because there was human error on it making security a true flaw.

Jiro said:
it's still hackable. like I said - once a hacker has hacked into any account (Target, Walmart, Amazon, etc.).... they now have a copy of your biometric information and that means they can access ANY of your account with ease.

biometric password = all eggs in one basket.

the most practical solution now is to carry a "password" card or install an app in your smartphone that would rotate password every few minutes. Google does this.
Click to expand...
 
respectyoda said:
Biometric-based security is stronger than password-based security. This is because biometrics rely on our biological traits that make us unique. Take fingerprints for instance. No one can hack our fingerprints unless they chomp off our hands. However, with password-based security, there are complex algorithms that use brute-force. I am appalled when people use common and simple passwords such as "12345" or "password". What is ideal and doesn't cost much would be two-factor authentication.

I do like Android's pattern lock too even though I don't have an Android phone.

The one of the best security plans that can be implemented if passwords are being used is to force the user to change passwords every number of days (i.e. 30 days or 60 days) and the new passwords cannot be the same as the ones used in the last 120 days or so.

Another would be to enforce strong passwords that cannot be easily cracked. Algorithms such as using regular expressions can be useful in detecting the strength of password an user is creating to sign up for an account and informing the user how to make it stronger if it is weak before allowing the user to register.
Click to expand...

iPhone 5S has fingerprint support but it already hacked.
 
diehardbiker said:
Yes, this is true. There is no such thing as fool-proof security out there. Having a fool proof security is a dream, that is all… Wake up!

You see, what happened at Target is that customers like everybody else swiped the card at Target payment terminal. Somehow there is a link connected to HVAC contractor server where they got hacked went straight to the card swipe machines and pick up all the information, like your credit card number, AVS, full name, address, and so on… Viola! all information needed, charge more! That broken link was not supposed to happen, but because there was human error on it making security a true flaw.
Click to expand...

we're not talking about a foolproof security. that's a moot point. we already know that.

what we're talking about is a robust system. a robust protocol. IMO - biometric-based security is just as bad as 12345 as a password.
 
Hello? He thinks Biometric security is fool-proof, aren't we taking about this as well? MMMMWAHAHAHAHA Man! this is getting funnier! :roll:

Jiro said:
we're not talking about a foolproof security. that's a moot point. we already know that.

what we're talking about is a robust system. a robust protocol. IMO - biometric-based security is just as bad as 12345 as a password.
Click to expand...
 
respectyoda said:
Why are you not a supporter of biometric-based security? Are you afraid someone may chop off your hand and use it on a biometric-based security gadget that you frequently use? Ha.

This just made me think of the movie - Minority Report.
Click to expand...
Some people don't have fingerprints.
 
Reba said:
Some people don't have fingerprints.
Click to expand...

Yeah, that's true. Some people don't have them because of a rare genetic mutation, but the number of people not having fingerprints is really small anyway.
 
those who lost their arm/hand or are born without arms/hands is another subgroup with the genetic mutation.

Speaking of apps mentioned above-- does anyone have a favorite or use one? I'm looking at them now. I have way too many things to remember (as I do try to vary the passwords) so it's impossible to remember them all let alone complex passwords (my brain is needed for other things).
I was going to post a thread but this seems as good a spot to ask :)
 
Foxrac said:
iPhone 5S has fingerprint support but it already hacked.
Click to expand...

I didn't realize you posted here. Ha. Yeah, I read an article way back when the iPhone 5S debuted that a cat was able to put his (or was it her) paw on the locked phone and the fingerprint sensors "detected" the paw and unlocked it. This was hilarious.

DeafDucky said:
those who lost their arm/hand or are born without arms/hands is another subgroup with the genetic mutation.

Speaking of apps mentioned above-- does anyone have a favorite or use one? I'm looking at them now. I have way too many things to remember (as I do try to vary the passwords) so it's impossible to remember them all let alone complex passwords (my brain is needed for other things).
I was going to post a thread but this seems as good a spot to ask :)
Click to expand...

Here's a good one for the iPhone. Take a look:

An Security App
 
respectyoda said:

I didn't realize you posted here. Ha. Yeah, I read an article way back when the iPhone 5S debuted that a cat was able to put his (or was it her) paw on the locked phone and the fingerprint sensors "detected" the paw and unlocked it. This was hilarious.
Click to expand...

Yes, I'm wondering about what Apple said about fingerprint sensor got hacked.

I remember most laptops used to had fingerprints by 2000s but not anymore due to security flaws.
 
Reba said:
Some people don't have fingerprints.
Click to expand...

on one of my fingers - I have a partial print because when I was a kid, I put my hand in the blender machine :eek3:
 
Back
Top