NIST recently published its four-volume SP800-63-3 Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords:
* Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases.
* Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise.
* Let people use password managers. This is how we deal with all the passwords we need.
Group items tagged
saddle/saddle · GitHub - 0 views
-
"Saddle is a data manipulation library for Scala that provides array-backed, indexed, one- and two-dimensional data structures that are judiciously specialized on JVM primitives to avoid the overhead of boxing and unboxing. Saddle offers vectorized numerical calculations, automatic alignment of data along indices, robustness to missing (N/A) values, and facilities for I/O. Saddle draws inspiration from several sources, among them the R programming language & statistical environment, the numpy and pandas Python libraries, and the Scala collections library."
Scalastyle - Scala style checker - 0 views
-
"Scalastyle examines your Scala code and indicates potential problems with it. If you have come across Checkstyle for Java, then you'll have a good idea what scalastyle is. Except that it's for Scala obviously."
Docker Acquires SDN Technology Startup SocketPlane.io - The New Stack - 1 views
-
"In an indication of how rapidly the containerized technology ecosystem is metastasizing, SocketPlane.io - a startup venture founded just last October with the goal of building a controller-less software-defined network model for Docker environments - is being acquired by Docker, Inc., the two organizations jointly announced Wednesday morning. SocketPlane creates a networking abstraction for Docker containers at the socket layer. It connects containers without the need for a network controller, either physical or virtual. Put another way, it facilitates a software-defined network by letting the containers be the network."
Changes in Password Best Practices - Schneier on Security - 0 views
-
"NIST recently published its four-volume SP800-63b Digital Identity Guidelines. Among other things, it makes three important suggestions when it comes to passwords: Stop it with the annoying password complexity rules. They make passwords harder to remember. They increase errors because artificially complex passwords are harder to type in. And they don't help that much. It's better to allow people to use pass phrases. Stop it with password expiration. That was an old idea for an old way we used computers. Today, don't make people change their passwords unless there's indication of compromise. Let people use password managers. This is how we deal with all the passwords we need."
KVM and docker LXC Benchmarking with OpenStack - 5 views
-
Queria decir que es un buen comienzo para ir aprendiendo la epoca que se viene, que es probablemente el declinar (el fin?) de la virtualiacion basada en VMs. Aunque el autor confiese que las conclusiones no pueden emparentarse con la ciencia.
Crypto-Gram: October 15, 2017 - Schneier on Security - 0 views
-
-
Para tener en cuenta.
-
1 - 7 of 7
Showing 20▼ items per page