CCTV Smart Systems Twitter

This Months Best Cought On CCTV

Shared The Most

How to Vape Safely: 12 Tips and Tricks

Image
Vaping has taken the world by storm with more and more people getting interested in it and buying their own vaping kits. While this can be a safer alternative than smoking, it comes with its own hazards. Discover these tips and tricks on how to vape safely so you can continue to enjoy your vaping experience.   Charge Your Device with the Manufacturer’s Charger Although it might be tempting to charge your vape with any charger you have laying around, it’s best to stick with your manufacturer’s charger that came with the device. This will ensure that your charger is compatible with your vape’s battery. Also, don’t leave your vape plugged in overnight, and follow any instructions that came with your kit. Check Your Battery Quality Many vape devices and kits come with powerful lithium-ion batteries. They can also have specific batteries that you’re supposed to use with your device. You never want to use a cheap battery or one that isn’t recommended with your device because this incre
Read more

Violent crime soars by 18 per cent as warnings raised on falling police numbers

Image
Violent crime soars by 18 per cent as warnings raised on falling police numbers in 2017. THE nation is in the grip of a surge in violent crime, figures have revealed. Shocking statistics show that offenses of violence have soared by 18 per cent in just 12 months. They come as a separate report showed the number of police officers has fallen to its lowest level since 1985. Steve White, chairman of the Police Federation which represents rank and file officers, said: “What more of a wake-up call does the government need? “Officer numbers are dropping consistently every year yet our members are having to deal with not only more  crimes but the most unimaginable atrocities such as those in Westminster, Manchester and London Bridge. Violent crimes up 18% as the number of police officers has fallen to its lowest level since 1985 “Particularly worrying is the drop in the front line and neighbourhood officers when we all know that community policing is fundamental in tackling
Read more

NASA Updates TV Coverage for First Crew Rotation Flight on US Commercial Spacecraft

NASA and SpaceX are now targeting 7:27 p.m. EST Sunday, Nov. 15, for liftoff of the agency’s SpaceX Crew-1 mission from Launch Complex 39A at NASA’s Kennedy Space Center in Florida with astronauts to the International Space Station. November 14, 2020 from NASA http://www.nasa.gov/press-release/nasa-updates-tv-coverage-for-first-crew-rotation-flight-on-us-commercial-spacecraft via Gary Pearce CCTV Man
Read more

Protecting Basecamp from breached passwords

Did you receive this email from us today?

Subject: Basecamp 3 security alert: You must set a new password ⚠️

You’re not alone! You’ve done nothing wrong, and you’re in good company. 1 in 20 Basecamp users got this email alert. Here’s the full story.

Last month’s mass-login attack was a sobering reminder that passwords just aren’t cutting it online. It’s getting worse. We all feel it.

Without a password manager app, it’s just impossible to use passwords securely online. Every bank-level secure web site we log into with a super strong password (One of our “main” passwords, maybe? With a ‘4’ instead of an ‘a’, am I right?) is only as secure as the flimsiest fly-by-night.com where we signed up with the exact same password.

When the weakest link gets hacked and fly-by-night.com data is breached, the whole chain falls apart. Anyone can pluck our email and passwords out of the rubble and waltz right through the front door of our other bank-level secure web sites. And who would bat an eye? They’ve got our email and our super strong password. Roll out the red carpet, Ft. Knox.

That’s so frustrating. Any motivated hacker can go grab a giant list of logins stolen in data breaches, scan down the list to look for your email address, maybe find some passwords you’ve used before, and go try to log in to other sites right away. If you reused the breached password on another site—BAM, they’re in as you. It’s that easy.

Ooo, that burns. It’s not right. And what can we do!?

As internet users, there’s much we can do to protect ourselves online. We can start using password managers (like 1Password) for every single site. Every single time. We can use a free password breach notification service like Have I Been Pwned for early warnings of data breaches that could reveal our personal data. And we can take care to enable two-factor authentication (2FA) everywhere it’s available to us, guaranteeing that a breached password won’t be enough to log in on its own.

At Basecamp, there’s much we can do, too. We can require strong, hard-to-guess passwords. We can offer two-factor authentication. But it’s not enough to celebrate sophisticated best practices when our average, everyday passwords are still 100% at risk of data breaches. We can do better.

Dial back a month. After January’s mass-login attack, we asked

  1. How can we put a stop to this attack? We did this! ✅
  2. Now, how can we prevent attacks like this from happening again? 🤔

We can prevent attacks like this—that reuse breached passwords to log in to Basecamp—by keeping breached passwords out of Basecamp in the first place. We can’t get out ahead of every new data breach, but we sure can catch their scent, track them down, and kick them out.

We started by checking that our users aren’t already caught up in a number of high profile, widely available data breaches. We went straight to the source: we scanned the data breaches themselves for user emails, extracted any associated plain-text passwords, and securely checked whether they match user logins.

(We use bcrypt to securely salt & hash passwords, which is a one-way encryption of sorts that’s extremely computationally costly to try to guess. We never compare unencrypted/unhashed passwords, or even have them available in the first place.)

Today we alerted every Basecamp user whose email and password we could find in a data breach, in full view of everyone online, that we removed the unsafe password and disabled login until a new password is set.

Next, we ensured that breached passwords can’t find their way in to Basecamp from here on out. Basecamp now validates that passwords are not breached. For this we thank the fantastic Have I Been Pwned API, a free service provided by a concerned citizen for checking that a password does not appear in its massive, growing trove of known data breaches. Basecamp securely asks whether a password appears in a breach and marks it as invalid if it does. Breached passwords simply aren’t allowed into Basecamp anymore.

Basecamp elbowed out breached passwords today, and we’re keeping them out.

If you received an email alert today, we’re taking a big step together. Start by setting a new Basecamp password. You’ve got this, and we’re here to help.

If you came here wondering whether you just got a phishing email: great instincts! Any email asking you to set a password or mess with your login is super slippery dubious. This is legit. We invite you to email us directly at support@basecamp.com for a gut check about any dubious email.



from Signal v. Noise https://m.signalvnoise.com/protecting-basecamp-from-breached-passwords/
via Local CCTV

Comments

Post a Comment

CCTV Installations

Loading...