Olivia
Online
PasswordResearch.com
@PwdRsch
Archive of authentication and password security news gathered by Bruce K. Marshall. See or new updates on
Wichita KS, USA
Joined October 2012
305 Following
2.2K Followers
2.6K Posts
Pinned Tweet
OWASP released v4.0 of the Application Security Verification Standard (ASVS) in March, listing security practices for orgs to design, code, and test apps against. https://t.co/E5oqj7BaYx There was substantial content change in the authentication section, so I'll comment on it.
@_BSidesKC Thank you to the organizers, speakers, and volunteers for putting on the con! Nice to see the local community gather to share, learn, and have some fun.
@spazef0rze I haven't done much lately to keep it updated, but certainly have logged a lot of hours trying to gather good info in the past. Thanks for the recognition!
@jwerre I do in occasion. What are you looking for?
Who to follow
KoreLogic
@CrackMeIfYouCan
KoreLogic's password cracking contest at DEF CON
Contest updates here: https://t.co/WX5clX3RCM
Openwall
@Openwall
Infosec focused free software, research, publications, community activities @oss_security. Tweets are announcements. Please direct questions to @solardiz.
Spiros Fraganastasis
@m3g9tr0n
Team @hashcat! Eternal n00b and knowledge seeker! Age is just a number and motivation is the fuel!
Whatever you do in your life, do not forget to be humble.
Virtual #PasswordsCon CFP is live:
https://t.co/v8TCU4gl2S
Please submit NOW!
Streaming on November 23-24. Pre-recorded or live talks, with live Q&A sessions.
(please RT!)
@Hydraze @thorsheim @m33x There are definitely more papers analyzing luds style policies, but hopefully that gets you started.
@Hydraze @thorsheim @m33x Of passwords and people: measuring the effect of password-composition policies https://t.co/BmOTS1qeVj
@Hydraze @thorsheim @m33x Here are a few I know of: Password Creation in the Presence of Blacklists https://t.co/LXb0aErOTl
Pre-draft call for comments just issued for #NIST SP 800-63-4 Digital Identity Guidelines. @NISTcyber https://t.co/xd24Kh1kRh
Drop by the Authentication (1120-1220pm PDT) session at @IEEESSP to check out @Philipp_Markert speaking about our work on the security of 4- and 6-digit PINs. Q&A to follow the talk, and you can also find out more on our project web-page https://t.co/ExaBz96fIF
"Study found little benefit to 6-digit PINs as compared to 4-digit PINs. Participants tended to select more-easily guessed 6-digit PINs when considering the first 40 guesses of an attacker. Current PIN blacklists ineffective" @Philipp_Markert et al. 👏 https://t.co/EiCZfk3vzo
Blocking email as username login would be efficient to prevent credential stuffing / password spraying for:
Just blogged: Enhancing Pwned Passwords Privacy with Padding https://t.co/UMndtU3Wc1
Time to submit for the #Ground1234 (#PasswordsCon) track people!
I'll get back to some specific topics I'd like to see covered this year, but "Is 2FA worth it?" from a user/business perspective is one of them, & if you have deployed NIST SP800-63B we want to hear from you!
#infosec #acadmictwitter
Is anyone aware of any academic or industry literature that audits the security of TOTP #2FA app, like Authy, Microsoft Authenticator, LastPass Authenticator, Duo Mobile, etc?
We’ve published an explainer about an idea to harden SMS-delivered one-time passwords by allowing senders to associate the codes with a website. We’ve been talking about the idea with some folks at Google, and would like more feedback. https://t.co/kc9fzsGo7m
What’s the more secure option of these? also interested in the motivation*
*I know there are much better options but that’s not what I’m asking for.
Retweets appreciated
#Infosec
Last Seen Users on Sotwe
kohar hhh
Seen from Malaysia
FF TV 
Seen from Turkey
buraktek
Seen from Turkey
Pencinta binor gemoy montok besar
Seen from France
𝓑𝙞𝙖 𝙙𝙤 ℒ𝗶𝗻𝗼 i 𝒹a 𝗮𝘀𝗵! | ᵈᵒ ⁱᵗ
Seen from United States
The Scam Addict
Seen from United States
GentlemanLustX | ครีเอเตอร์ 127K followers
Seen from Thailand
Intrigued1282
Seen from Turkey
duocthao
Seen from Vietnam
刘旋
Seen from Malaysia
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.5M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.6M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers