Credential Security …again
So, with another major collection of user credentials being uncovered (and reported in the mainstream media), there is a slight increase in interest in people, their data, and the credentials they use. For those who may not yet have caught up with the news (or those reading this in the future and wondering which massive credential theft I’m referring to), this is the uncovering of the work done by ‘Cyber Vor’ who managed to snare around 1.2 billion (yes, with a B) unique user credentials.
Today there was a question pitched by one of the guys at work as to why we bother having such things as a password expiry / enforced change. My answer (in true Rob fashion), rambled a little (ok, a lot) but I’ve consolidated it below and made it generic to suit anyone facing the same […]