So apparently quite a few people have come to expect and enjoy my summaries of conferences I’ve attended, because I’ve already gotten a number of inquiries as to why I haven’t yet posted about this last weekend’s ToorCon. In short, it’s because I wasn’t there!
Archive for September, 2008
What, no ToorCon???
September 30, 2008(In)Security Questions
September 18, 2008A number of years ago, as the Internet became more and more mainstream, websites and web services began to push to the forefront of online business and society. This generally required allowing users to create accounts with these increasingly complex sites and services, and thus, the entities providing them had to then manage those accounts. In these early days, such user accounts began to be compromised due to their easily guessable or brute-forceable passwords, so nowadays most sites require users to use relatively complex passwords. Humans are simply not good at remembering such things, and customer service expenses soon skyrocketed under the flood of users constantly requesting password resets to regain access to their accounts. The business solution to this? Let the users reset the passwords themselves!
