Category Archives: Passwords

Posts relating to passwords.

Serious OSX Vulnerability – Get Root Without A Password

Apple’s latest version of their OSX (or macOS) operating system – High Sierra – has been found to have a serious vulnerability that allows anyone with access to the device to have full administrative access (“root”) without a password. On … Continue reading

Posted in Active Attacks, Passwords | Tagged , , , , | Comments Off on Serious OSX Vulnerability – Get Root Without A Password

Keeping Your Account Safe

We are seeing an increase in the number of compromised accounts due to various forms of attack, and decided to highlight some core protections for your account. If your account is compromised, you may find yourself locked out of the … Continue reading

Posted in Active Attacks, Passwords | Comments Off on Keeping Your Account Safe

Is IS Aware Of What Password You Have?

One of the more interesting questions that arose from the recent password audit is whether IS is aware of account passwords – i.e. do we know your password. The short answer to that is: No, but with a caveat. First … Continue reading

Posted in Passwords | Comments Off on Is IS Aware Of What Password You Have?

Phishing: What To Do In The Aftermath

In the event that you have given away your account details in response to a phishing attack, and either discovered yourself that your account is compromised or you have been told so by IS, then there are some steps to … Continue reading

Posted in Email, Passwords | Comments Off on Phishing: What To Do In The Aftermath

Have You Changed Your Myspace Account Password Recently?

Don’t laugh. Some of us who have been around for more than a few years may well have used a myspace account at some point in the past. And you may well have set your account up with a password … Continue reading

Posted in Passwords | Tagged , , | Comments Off on Have You Changed Your Myspace Account Password Recently?

The Password Audit

If you have received an email claiming that you have a weak password, or you happen to read this blog posting, then this post explains the process used in the password audit. And yes, IS is sending out emails to those … Continue reading

Posted in Passwords | Comments Off on The Password Audit

Living With Google Two-Factor Authentication

If you have not already heard, Google allows two-factor authentication (“Google 2FA”) for access to their services – which includes our own Google domains. This adds greater security to accounts by requiring what is in effect a second password that … Continue reading

Posted in General, Passwords | Comments Off on Living With Google Two-Factor Authentication

Have You Changed Your Password Recently?

When was the last time you changed your account password(s)? More than a year ago? Then it is probably time you changed your password :- University Staff Passwords University Student Passwords Changing your password regularly accomplishes several things :- It meets the … Continue reading

Posted in Passwords | Comments Off on Have You Changed Your Password Recently?

Passwords: A Little Knowledge Is A Dangerous Thing

According to this article on password security, cracking passwords is difficult enough that a 9 character password is safe. However he is working on a specific password challenge – to find a password to an encrypted archive file. And he is … Continue reading

Posted in Passwords | Comments Off on Passwords: A Little Knowledge Is A Dangerous Thing

Password Audit Procedure

This blog entry is intended to document a technical procedure used to perform a password audit. This is mostly intended for future use by security analysts who may be called on to perform a password audit, but is published here for … Continue reading

Posted in Passwords, Technical | Comments Off on Password Audit Procedure