Search Results for: troy hunt

Troy Hunt on Bank Passwords

Over the years, I’ve done a lot of huffing and puffing about passwords, most recently in my post on Bad Password Policies. Troy Hunt has a slightly different take on things, at least as far as banks are concerned. It … Continue reading

Posted in General | Tagged | Leave a comment

Troy Hunt on Why Passwords Aren’t Going Away

I was trying to create a Web account with my credit card company so I could update some information. The process was painful beyond endurance and their password policy revealed that they weren’t using the best practices method of hashing … Continue reading

Posted in General | Tagged | Leave a comment

Troy Hunt on the Cobra Effect

Troy Hunt comments on that incredibly silly tweet by British Gas explaining why they disable pasting into the password field on their site. I wrote about that here. Sadly, it turns out that this practice is more widespread than I … Continue reading

Posted in General | Tagged | Leave a comment

Troy Hunt on SQL Injection

The invaluable Troy Hunt has an excellent post on SQL injection attacks. We all know the basic ideas behind SQL injection but Hunt shows how attackers actually mount the attacks and why they work. It’s extraordinary that these attacks still … Continue reading

Posted in General | Tagged | Leave a comment

Troy Hunt On XKCD Password Security

Troy Hunt, whose work I admire and have mentioned before (1, 2, 3) has posted about the XKCD password security cartoon that I wrote about in Password Advice From XKCD. It’s easy to misconstrue his post as being critical of … Continue reading

Posted in General | Tagged | Leave a comment

HTTPS Is Easy

Troy Hunt, whom I’ve written about many times, has performed a public service by putting together 4 simple videos that show how easy it is to implement HTTPS on your site. The link takes you to a blog post that … Continue reading

Posted in General | Tagged | Leave a comment

I Want One

Some good advice from Troy Hunt: pic.twitter.com/q0BMtbDwzc — Troy Hunt (@troyhunt) August 5, 2015

Posted in General | Tagged | Leave a comment

Responsible Disclosure

Most Irreal readers are familiar with the concept of responsible disclosure: the idea that if you discover an exploitable flaw in a site or piece of software, you should contact and inform the folks responsible for the site or software … Continue reading

Posted in General | Tagged | Leave a comment

What’s in a Logo?

Troy Hunt is the world’s greatest lover and he’s got the t-shirt to prove it. That’s his way of making a serious point about those badges you see on many sites certifying that the site is safe and not infected … Continue reading

Posted in General | Tagged | Leave a comment

When SSL Is Not SSL

Troy Hunt has a nice post on SSL and how many sites misuse it. As Hunt says, SSL is not about encryption. The problem that Hunt is writing about is sites that deliver a login page, say, in http and … Continue reading

Posted in General | Tagged | 1 Comment