Mike Foster's IT Security & Best Practices Blog

Latest Posts

773 Million Passwords Exposed – Were You Exposed?

Today Troy Hunt announced that a collection of 773 million usernames and passwords were released. This release of passwords, dubbed Collection #1, contains usernames and passwords

Continue reading 773 Million Passwords Exposed – Were You Exposed?


The Insanity of Your Network – Storing Keys in the Same Place as Everyone Else

Imagine that you have a fleet of dozens of expensive vehicles, and you keep all of their keys in a locked cabinet. There is a master key that opens the cabinet. You assign your IT team

Continue reading The Insanity of Your Network – Storing Keys in the Same Place as Everyone Else


Make Life Easier – Go Back to Easy Passwords

NIST, the National Institute of Standards and Technology in the US, is releasing new password standards that make passwords so much easier…

Continue reading Make Life Easier – Go Back to Easy Passwords


Online Password Warehouse, OneLogin, Discovers Massive Breach

Without getting complicated, OneLogin, Okta, Centrify, Microsoft, RSA SecureID Access, SalesForce App Cloud, and even more basic password managers store user identities, and login information. Using these services means that users only need to remember one password and all of their other logins are handled for them. The most important thing about the OneLogin breach: […]

Continue reading Online Password Warehouse, OneLogin, Discovers Massive Breach


Alert – A Popular Password Manager Has Serious Security Flaw Right Now

A password manager company announced that there is a vulnerability that could allow attackers to gather stored passwords.

Continue reading Alert – A Popular Password Manager Has Serious Security Flaw Right Now


Your iPhone and iPad are in Danger

If you use Apple products, here is what to do to protect yourself. By now, you’ve probably heard that attackers have told Apple that they have access to millions

Continue reading Your iPhone and iPad are in Danger


How to Find Out if Your Password Might Have Been Hacked

You hear in the news that Yahoo, or some other company, got hacked and your username and password may be in the hands of attackers. There is a way to find out if your credentials were exposed.

Continue reading How to Find Out if Your Password Might Have Been Hacked


Why is it not Google’s fault?

After last week’s post about the stolen Google and Gmail passwords, one of our valued subscribers wrote back asking why it isn’t Google’s fault that the passwords were stolen.

Continue reading Why is it not Google’s fault?


Gmail Passwords Stolen, Possibly Millions of Them

This applies to everyone, not just Gmail users. A researcher at Hold Security bought 272 million stolen passwords on the dark web. Some of the credentials were for Gmail. This is not Google’s fault. Whether you use Gmail or not, everyone, if they haven’t already, needs to enable

Continue reading Gmail Passwords Stolen, Possibly Millions of Them


How To Know if a Password Attack Succeeded

Last week, you saw an example of a list of passwords that an attacker used to attack a server more than 41,000 times. But the worst part was the server that underwent a short attack…

Continue reading How To Know if a Password Attack Succeeded