Browse by Tags

All Tags » Security Policy (RSS)
Multi-Factor Authentication vs Multi-Single Factor Authentication
Sprites mods has an interesting article about hacking the protection of a hardware authentication device: http://www.spritesmods.com/?art=secustick What’s interesting about this is that it shows how easy it is to feel like a hardware device is providing...
Posted: May 09 2007, 10:35 AM by MB's Windows Security
Filed under: , , , , , , , , ,
Technology Fixed the Stapler, Is Windows Next?
I recently experienced a small technology miracle: I found myself a stapler that doesn’t mangle staples and doesn’t jam. For years those twisted and contorted staples stuck in my carpet were a perpetual reminder of how technology has failed us. Yet despite...
Posted: May 04 2007, 05:45 PM by MB's Windows Security
Filed under: ,
How to Guess an Admin’s Password Without Them Knowing You Are Trying
Explains an old trick on how to guess someone else's password without anything getting logged in the domain controller's event logs Read More...
Posted: Mar 01 2007, 10:30 PM by MB's Windows Security
Filed under: , , , ,
Does Windows Server 2003 Even Need Hardening?
Many people tell me they are surprised with how much effort I put into hardening Windows Server 2003–the last hardening document I wrote for a client was 112 pages long. That’s not 112 pages of writing, policy, and how-to’s, that’s...
Posted: Jan 31 2007, 07:22 PM by MBs Windows Security
Filed under: ,
Perfect Passwords Book!
I finally finished my Perfect Passwords book. In this book I attack much of the conventional wisdom about password policies and present new techniques for building strong passwords. For example, I think that passwords as a technology aren’t obsolete...
Posted: Mar 16 2006, 05:07 PM by MBs Windows Security
Filed under: ,