Piss poor security

User avatar
Richard
Posts: 945
Joined: Wed Apr 11, 2018 5:03 pm

Re: Piss poor security

Post by Richard »

NotoriousREV wrote: Fri Jan 17, 2020 2:53 pm 6 characters, lower case and no special characters would be broken in seconds.
If the website allowed you to try typing in a million passwords per second
User avatar
NotoriousREV
Posts: 6436
Joined: Wed Apr 11, 2018 4:14 pm

Re: Piss poor security

Post by NotoriousREV »

Richard wrote: Thu Jan 23, 2020 9:27 am
NotoriousREV wrote: Fri Jan 17, 2020 2:53 pm 6 characters, lower case and no special characters would be broken in seconds.
If the website allowed you to try typing in a million passwords per second
Or an employee gets hold of the user DB. Or their piss poor security means an outside attacker gets hold of their user DB. Or, as you say, the website just accepts the brute force attack from a distributed botnet.

It’s almost as if they should be protecting from more than just a single attack vector.

But what do I know? I’m only a mere trained and qualified security professional with 25 years experience.
Middle-aged Dirtbag
User avatar
Mito Man
Posts: 12152
Joined: Wed Apr 11, 2018 4:27 pm

Re: Piss poor security

Post by Mito Man »

NotoriousREV wrote: Thu Jan 23, 2020 9:33 am
Richard wrote: Thu Jan 23, 2020 9:27 am
NotoriousREV wrote: Fri Jan 17, 2020 2:53 pm 6 characters, lower case and no special characters would be broken in seconds.
If the website allowed you to try typing in a million passwords per second
Or an employee gets hold of the user DB. Or their piss poor security means an outside attacker gets hold of their user DB. Or, as you say, the website just accepts the brute force attack from a distributed botnet.

It’s almost as if they should be protecting from more than just a single attack vector.

But what do I know? I’m only a mere trained and qualified security professional with 25 years experience.
Come back on here when you have 125 years experience. Sheesh.
How about not having a sig at all?
User avatar
dinny_g
Posts: 6623
Joined: Wed Apr 11, 2018 4:31 pm

Re: Piss poor security

Post by dinny_g »

NotoriousREV wrote: Thu Jan 23, 2020 9:33 am But what do I know? I’m only a mere trained and qualified security professional with 25 years experience.
Isn't the correlation between Password lengths and update frequency intended to protect against brute force attack. Something like a 10 character password might take 5 months to crack to update frequency is set at 3 months or summat ???
JLv3.0 wrote: Thu Jun 21, 2018 4:26 pm I say this rarely Dave, but listen to Dinny because he's right.
Rich B wrote: Thu Jun 02, 2022 1:57 pm but Dinny was right…
User avatar
NotoriousREV
Posts: 6436
Joined: Wed Apr 11, 2018 4:14 pm

Re: Piss poor security

Post by NotoriousREV »

dinny_g wrote: Thu Jan 23, 2020 10:44 am
NotoriousREV wrote: Thu Jan 23, 2020 9:33 am But what do I know? I’m only a mere trained and qualified security professional with 25 years experience.
Isn't the correlation between Password lengths and update frequency intended to protect against brute force attack. Something like a 10 character password might take 5 months to crack to update frequency is set at 3 months or summat ???
10 characters without special characters would be a couple of weeks maximum. I doubt the bank is asking people to reset their passwords ever, let alone every 2 weeks.

Using update frequency to defend against cracking passwords is the dumbest strategy I ever heard of.
Middle-aged Dirtbag
User avatar
dinny_g
Posts: 6623
Joined: Wed Apr 11, 2018 4:31 pm

Re: Piss poor security

Post by dinny_g »

and that's why you're the security expert and I'm not... :lol:
JLv3.0 wrote: Thu Jun 21, 2018 4:26 pm I say this rarely Dave, but listen to Dinny because he's right.
Rich B wrote: Thu Jun 02, 2022 1:57 pm but Dinny was right…
User avatar
duncs500
Posts: 5551
Joined: Wed Apr 11, 2018 8:59 pm

Re: Piss poor security

Post by duncs500 »

Honestly Rev, coming down here with your actual knowledge and experience. It's just not the done thing.

Matty, that should be a warning.
User avatar
NotoriousREV
Posts: 6436
Joined: Wed Apr 11, 2018 4:14 pm

Re: Piss poor security

Post by NotoriousREV »

I have a 1 hour security presentation I could give you on how to protect yourself online, if you’d like? :lol:
Middle-aged Dirtbag
User avatar
Jackleg
Posts: 132
Joined: Wed Apr 11, 2018 9:36 pm

Re: Piss poor security

Post by Jackleg »

Ooo yes, please. Then I could forward it to Westpac so that they would then know about internet security.
User avatar
mik
Posts: 14673
Joined: Wed Apr 11, 2018 6:15 pm

Re: Piss poor security

Post by mik »

NotoriousREV wrote: Thu Jan 23, 2020 11:52 am I have a 1 hour security presentation I could give you on how to protect yourself online, if you’d like? :lol:
I would pay 8.73 mockdiamonds for that.
User avatar
NotoriousREV
Posts: 6436
Joined: Wed Apr 11, 2018 4:14 pm

Re: Piss poor security

Post by NotoriousREV »

mik wrote: Thu Jan 23, 2020 11:57 am
NotoriousREV wrote: Thu Jan 23, 2020 11:52 am I have a 1 hour security presentation I could give you on how to protect yourself online, if you’d like? :lol:
I would pay 8.73 mockdiamonds for that.
I don’t get out of bed for less than 8.84 mockdiamonds.
Middle-aged Dirtbag
User avatar
mik
Posts: 14673
Joined: Wed Apr 11, 2018 6:15 pm

Re: Piss poor security

Post by mik »

NotoriousREV wrote: Thu Jan 23, 2020 12:11 pm
mik wrote: Thu Jan 23, 2020 11:57 am
NotoriousREV wrote: Thu Jan 23, 2020 11:52 am I have a 1 hour security presentation I could give you on how to protect yourself online, if you’d like? :lol:
I would pay 8.73 mockdiamonds for that.
I don’t get out of bed for less than 8.84 mockdiamonds.
I accept your proposal to present from your bed.

Our contract is established.
User avatar
ShockDiamonds
Posts: 815
Joined: Thu Apr 12, 2018 9:23 pm

Re: Piss poor security

Post by ShockDiamonds »

But you'd have to use my wallet tech to complete the contract. And that's chocker with viruses according to the internet...
User avatar
NotoriousREV
Posts: 6436
Joined: Wed Apr 11, 2018 4:14 pm

Re: Piss poor security

Post by NotoriousREV »

Coming soon to Pornhub Live...
Middle-aged Dirtbag
User avatar
ShockDiamonds
Posts: 815
Joined: Thu Apr 12, 2018 9:23 pm

Re: Piss poor security

Post by ShockDiamonds »

NotoriousREV wrote: Thu Jan 23, 2020 12:41 pm Coming soon on Pornhub Live...
FTFY
User avatar
Simon
Posts: 5506
Joined: Wed Apr 11, 2018 4:03 pm

Re: Piss poor security

Post by Simon »

Having looked around, Westpac's answer to this is that after 3 unsuccessful logins they lock your account for 24 hours.
The artist formerly known as _Who_
User avatar
Beany
Posts: 8080
Joined: Wed Apr 11, 2018 5:27 pm

Re: Piss poor security

Post by Beany »

ShockDiamonds wrote: Thu Jan 23, 2020 12:41 pm
NotoriousREV wrote: Thu Jan 23, 2020 12:41 pm Coming soon on Pornhub Live...
FTFY
I'd buy that for a dollar!

No, wait, I'd pay many multiples of a dollar to not see that.

From either of you.

Ya pervs.
User avatar
NotoriousREV
Posts: 6436
Joined: Wed Apr 11, 2018 4:14 pm

Re: Piss poor security

Post by NotoriousREV »

Simon wrote: Thu Jan 23, 2020 1:03 pm Having looked around, Westpac's answer to this is that after 3 unsuccessful logins they lock your account for 24 hours.
Which is great if that's the attack vector used by hackers.
Middle-aged Dirtbag
User avatar
Simon
Posts: 5506
Joined: Wed Apr 11, 2018 4:03 pm

Re: Piss poor security

Post by Simon »

Exactly
The artist formerly known as _Who_
User avatar
Rich B
Posts: 11534
Joined: Wed Apr 11, 2018 4:22 pm
Currently Driving: T6.1 VW Transporter combi
S1 Lotus Elise

Re: Piss poor security

Post by Rich B »

mik wrote: Thu Jan 23, 2020 12:34 pm
NotoriousREV wrote: Thu Jan 23, 2020 12:11 pm
mik wrote: Thu Jan 23, 2020 11:57 am

I would pay 8.73 mockdiamonds for that.
I don’t get out of bed for less than 8.84 mockdiamonds.


I accept your proposal to present from your bed.

Our contract is established.
:lol:
Post Reply