Page 2 of 3
Re: Piss poor security
Posted: Thu Jan 23, 2020 9:27 am
by Richard
NotoriousREV wrote: ↑Fri Jan 17, 2020 2:53 pm
6 characters, lower case and no special characters would be broken in seconds.
If the website allowed you to try typing in a million passwords per second
Re: Piss poor security
Posted: Thu Jan 23, 2020 9:33 am
by NotoriousREV
Richard wrote: ↑Thu Jan 23, 2020 9:27 am
NotoriousREV wrote: ↑Fri Jan 17, 2020 2:53 pm
6 characters, lower case and no special characters would be broken in seconds.
If the website allowed you to try typing in a million passwords per second
Or an employee gets hold of the user DB. Or their piss poor security means an outside attacker gets hold of their user DB. Or, as you say, the website just accepts the brute force attack from a distributed botnet.
It’s almost as if they should be protecting from more than just a single attack vector.
But what do I know? I’m only a mere trained and qualified security professional with 25 years experience.
Re: Piss poor security
Posted: Thu Jan 23, 2020 10:04 am
by Mito Man
NotoriousREV wrote: ↑Thu Jan 23, 2020 9:33 am
Richard wrote: ↑Thu Jan 23, 2020 9:27 am
NotoriousREV wrote: ↑Fri Jan 17, 2020 2:53 pm
6 characters, lower case and no special characters would be broken in seconds.
If the website allowed you to try typing in a million passwords per second
Or an employee gets hold of the user DB. Or their piss poor security means an outside attacker gets hold of their user DB. Or, as you say, the website just accepts the brute force attack from a distributed botnet.
It’s almost as if they should be protecting from more than just a single attack vector.
But what do I know? I’m only a mere trained and qualified security professional with 25 years experience.
Come back on here when you have 125 years experience. Sheesh.
Re: Piss poor security
Posted: Thu Jan 23, 2020 10:44 am
by dinny_g
NotoriousREV wrote: ↑Thu Jan 23, 2020 9:33 am
But what do I know? I’m only a mere trained and qualified security professional with 25 years experience.
Isn't the correlation between Password lengths and update frequency intended to protect against brute force attack. Something like a 10 character password might take 5 months to crack to update frequency is set at 3 months or summat ???
Re: Piss poor security
Posted: Thu Jan 23, 2020 11:10 am
by NotoriousREV
dinny_g wrote: ↑Thu Jan 23, 2020 10:44 am
NotoriousREV wrote: ↑Thu Jan 23, 2020 9:33 am
But what do I know? I’m only a mere trained and qualified security professional with 25 years experience.
Isn't the correlation between Password lengths and update frequency intended to protect against brute force attack. Something like a 10 character password might take 5 months to crack to update frequency is set at 3 months or summat ???
10 characters without special characters would be a couple of weeks maximum. I doubt the bank is asking people to reset their passwords ever, let alone every 2 weeks.
Using update frequency to defend against cracking passwords is the dumbest strategy I ever heard of.
Re: Piss poor security
Posted: Thu Jan 23, 2020 11:31 am
by dinny_g
and that's why you're the security expert and I'm not...
Re: Piss poor security
Posted: Thu Jan 23, 2020 11:39 am
by duncs500
Honestly Rev, coming down here with your actual knowledge and experience. It's just not the done thing.
Matty, that should be a warning.
Re: Piss poor security
Posted: Thu Jan 23, 2020 11:52 am
by NotoriousREV
I have a 1 hour security presentation I could give you on how to protect yourself online, if you’d like?
Re: Piss poor security
Posted: Thu Jan 23, 2020 11:55 am
by Jackleg
Ooo yes, please. Then I could forward it to Westpac so that they would then know about internet security.
Re: Piss poor security
Posted: Thu Jan 23, 2020 11:57 am
by mik
NotoriousREV wrote: ↑Thu Jan 23, 2020 11:52 am
I have a 1 hour security presentation I could give you on how to protect yourself online, if you’d like?
I would pay 8.73 mockdiamonds for that.
Re: Piss poor security
Posted: Thu Jan 23, 2020 12:11 pm
by NotoriousREV
mik wrote: ↑Thu Jan 23, 2020 11:57 am
NotoriousREV wrote: ↑Thu Jan 23, 2020 11:52 am
I have a 1 hour security presentation I could give you on how to protect yourself online, if you’d like?
I would pay 8.73 mockdiamonds for that.
I don’t get out of bed for less than 8.84 mockdiamonds.
Re: Piss poor security
Posted: Thu Jan 23, 2020 12:34 pm
by mik
NotoriousREV wrote: ↑Thu Jan 23, 2020 12:11 pm
mik wrote: ↑Thu Jan 23, 2020 11:57 am
NotoriousREV wrote: ↑Thu Jan 23, 2020 11:52 am
I have a 1 hour security presentation I could give you on how to protect yourself online, if you’d like?
I would pay 8.73 mockdiamonds for that.
I don’t get out of bed for less than 8.84 mockdiamonds.
I accept your proposal to present from your bed.
Our contract is established.
Re: Piss poor security
Posted: Thu Jan 23, 2020 12:41 pm
by ShockDiamonds
But you'd have to use my wallet tech to complete the contract. And that's chocker with viruses according to the internet...
Re: Piss poor security
Posted: Thu Jan 23, 2020 12:41 pm
by NotoriousREV
Coming soon to Pornhub Live...
Re: Piss poor security
Posted: Thu Jan 23, 2020 12:41 pm
by ShockDiamonds
NotoriousREV wrote: ↑Thu Jan 23, 2020 12:41 pm
Coming soon
on Pornhub Live...
FTFY
Re: Piss poor security
Posted: Thu Jan 23, 2020 1:03 pm
by Simon
Having looked around, Westpac's answer to this is that after 3 unsuccessful logins they lock your account for 24 hours.
Re: Piss poor security
Posted: Thu Jan 23, 2020 1:27 pm
by Beany
I'd buy that for a dollar!
No, wait, I'd pay many multiples of a dollar to not see that.
From either of you.
Ya pervs.
Re: Piss poor security
Posted: Thu Jan 23, 2020 2:47 pm
by NotoriousREV
Simon wrote: ↑Thu Jan 23, 2020 1:03 pm
Having looked around, Westpac's answer to this is that after 3 unsuccessful logins they lock your account for 24 hours.
Which is great if that's the attack vector used by hackers.
Re: Piss poor security
Posted: Thu Jan 23, 2020 3:13 pm
by Simon
Exactly
Re: Piss poor security
Posted: Thu Jan 23, 2020 3:18 pm
by Rich B
mik wrote: ↑Thu Jan 23, 2020 12:34 pm
NotoriousREV wrote: ↑Thu Jan 23, 2020 12:11 pm
mik wrote: ↑Thu Jan 23, 2020 11:57 am
I would pay 8.73 mockdiamonds for that.
I don’t get out of bed for less than 8.84 mockdiamonds.
I accept your proposal to present from your bed.
Our contract is established.