-
Good, old-fashioned, boring passwords – the key to good security
19 Mar 2019Many people are quick to proclaim that passwords are dead…that SSO, MFA, and related technologies are THE solution. Not so fast. Passwords, as we’ve known them for decades, are not going away anytime soon. Sure, I’ll embrace the technologies that help take the pain out of passwords and password management. Hopefully we will be password-free in the next few decades. Still, pragmatism will win out over presumed quick fixes every time. Until then, there are some things that you can – and must – do in order to minimize this maximum security risk. The following are password and penetration testing related pieces that I recently wrote for the nice folks over at Specops Software that can help put you on the right path:
What to expect during your next penetration test
Following up on your vulnerability and penetration testing
Low-hanging security fruit you can’t afford to overlook
Best practice tips for your password policy
How to audit network passwords…as well as a related guest blog that I wrote for Pentest Magazine:
Three Actionable Steps To Take Following Your Penetration Testing
Resources
Client Testimonials
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”
(IT managed services firm)
I’ve written/co-written 12 books on information security including:
