Abstract
We can’t go much further in this book without discussing passwords. I hate passwords. I hate them with a passion. And I know I’m not alone. But despite some promising new technology, I’m here to tell you that password-based authentication is still your most secure option for proving your identity today, if you use passwords correctly. By the time you finish this chapter, you’ll understand why.
Notes
- 1.
- 2.
- 3. You can keep track of support for passkeys on your devices and major websites here: https://passkeys.dev/
- 4. This is from an annual report from SplashData (https://www.splashdata.com). Note that this is the list of all hacked passwords… that is, of all the passwords the bad guys were able to guess, these are the most popular.
- 5. Special thanks to Steve Gibson’s excellent website for these figures: https://www.grc.com/haystack.htm
- 6. If you want a truly unique and fun way to “roll” your dice, check out the official Firewalls Don’t Stop Dragons challenge coin! https://d20key.com/#/coin
- 7. Security people sometimes cheekily refer to these as “something you forget, something you lose, or something you cease to be.”
- 8. SIM = subscriber identity module. It’s what ties your account to your phone number and the smartphone itself.
- 9. Most people attribute this to a 2004 policy written for the National Institute of Standards and Technology by a guy named Bill Burr. He got it from a whitepaper from the 1980s! He’s since apologized for this, and NIST has removed this from their security recommendations.
- 10. If you’re interested in this level of privacy, I will have some recommendations at the end of the book.
- 11. For some really stupid reason, we have not settled on a simple login standard for websites. And apparently, one common issue with Bitwarden is that it doesn’t always recognize when you’re logging into a website for the first time. In those cases, you can explicitly add your website credentials using the plugin menu on your browser.
- 12. This is a Harry Potter reference: https://en.wikipedia.org/wiki/Magical_objects_in_Harry_Potter#Horcruxes
- 13.
Copyright information
© 2023 Carey Parker
About this chapter
Cite this chapter
Parker, C. (2023). Who Goes There?. In: Firewalls Don't Stop Dragons. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4842-9036-1_5
DOI: https://doi.org/10.1007/978-1-4842-9036-1_5
Published:
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4842-9035-4
Online ISBN: 978-1-4842-9036-1
eBook Packages: Professional and Applied Computing, Professional and Applied Computing (R0), Apress Access Books