Banks are naturally concerned when a customer reports that her security software is identifying the bank's website as a potential phishing site. In many cases, these reports are false positives and do not mean that someone has compromised your website, but there are steps that you should take to ensure the safety of your website and to assure your customers that the site is safe. [More]
When you upload documents, such as PDFs or Word files, to your website you may be unwittingly divulging information that could prove useful to hackers and other outside parties. If you’ve had any sort of vulnerability assessment performed on your website, you may see a reference to this metadata existing on your website. While it’s a relatively low risk threat, to stay in the good graces of your risk department, you’ll likely want to remove this data from documents before you publish to your website. [More]
If your organization provides any computer security training at all then it should be no news to you that long, complex passwords are more difficult to crack than the more simple passwords that most users choose today; however, nearly all people I’ve talked who work in banks don’t realize how fast their passwords can be cracked by today’s modern computers. Many people will be surprised at this chart. [More]
Have you ever mistyped an email address? Ever had someone misspell yours? Email address typos occur all the time, and these misspellings can actually be a very large security concern for your business. [More]
Passwords, ugh, don't you hate them? Passwords are a shared annoyance and inconvenience for all of us these days. Passwords are our main line of defense to verify we are who we say we are and to protect our identity and data. Since passwords are such a critical component to our daily technology lives we've been forced to make them less "guessable" more cryptic and thus harder to remember.
The most common technique for making your password has been to take a word, it is called a pass-WORD after all, and add some capitals, a number and then maybe some funky symbol like #, % or !. This is great, but surprisingly enough, this isn't really as secure as it could be AND it's silly hard to remember.
Today the witty folks at xkcd, an online daily comic for techie nerds such as ourselves, posted a great little comic covering this topic.
Comic courtesy of xkcd
The first row explains, in some... [More]