Now You Know What I Think

19. January 2010 16:36
by nickolay_kolev
0 Comments

Knowing your passwords is a security breach

19. January 2010 16:36 by nickolay_kolev | 0 Comments

Current authorization requirements for almost any system, including your e-mail or computer log in, are relying on pair of 2 strings. The first one is your username and second is your password.

Your username is pretty much a publicly known value and doesn't contribute to your security very much. If you know the username of a single user in a given company, you may easily guess with 99% accuracy the usernames (and e-mails) of all of the employees in that company, if you know their names. The task of obtaining the username of somebody is made even easier by the fact that the same username is used to construct the corporative e-mail addresses. More...