I'll get round to it eventually
I like to sing the praises of Troy Hunt and his efforts to improve the world’s password security. I also take digital security very seriously, but I can understand why most people don’t. Even the most keen people can suffer from apathy from time to time.
Example below:
Troy Hunt continues to be amazing for cyber security with the Have I Been Pwned project. All the Version 3 passwords have been released as NTLM hashes, the password hash used by Windows. This should be really useful for any sysadmins managing a Windows Enterprise deployment wanting to make sure that users aren’t using bad passwords. Hopefully as this is adopted it will also reduce the number of poor password rules that many companies still enforce.
Things like: Continue reading “Have You Been Pwned: NTLM Hashes”
If you are reading this, then you must be using the new URL for my website.
I moved from procrastinatingengineer.co.uk to procrastinatingengineer.uk
Mostly because it’s shorter and I think it looks nicer, but also I wanted to play around with self hosted WordPress and CND setups. More on this coming soon!
TL;DR – Yes, yes it is. But Japan is better!
Naturally I procrastinated too much to write anything about EMF 2016, but since I’m going again in 2018 I though I’d write a little of what I remember for comparison later.
My friends had been to EMF 2014 and convinced me to go with them in 2016, and I’m really glad they did. It was an awesome 3 days!
Troy Hunt has updated the haveibeenpwned list of pwned passwords, which now contains a staggering 517 million compromise passwords (as SHA1 hashes).
e-mail accounts are a pretty serious single point of failure, more so than I think most people ever consider. Recovery accounts and 2 factor authentication help (if you have them setup), but there is a new option that a lot of people won’t know about. email address aliases.
CloudFlare had a great April Fools Day joke, they were creating two new public DNS servers. Except it wasn’t a joke, they have really created them, with highly memorable addresses:
Ok, so IPV6 addresses aren’t as memorable…
Troy Hunt has updated the haveibeenpwned list of pwned passwords, which now contains a staggering 501 million compromise passwords (as SHA1 hashes). It now also includes a count of how many time that password has been found, so you can see just how poor your password choices are!
I wrote a post in February called Linux Server Pulling Sextuple Duty, describing all the things I use a Linux server for. I said that I would write a guide on how to set it up, since I was always breaking things and needed a guide myself. I have now broken my server so many times that I am pretty good at getting a new one going again. So here is part one of my setup guides. Continue reading “Linux Server Setup”