I occasionally hang out here, mainly looking at the Twit.Social local feed.

Good morning, humans of #defcon31! It's good to be together again.

Please remember to drink water and look out for each other.

Let's have fun out there!

#defcon #321rule #letsGO

@SGgrc and @leo on SN spoke about PBKDF2 iterations, so I got to thinking... what's a reasonable number in terms of *time to login* (not crack with GPUs, etc.)... well I also love PowerShell (v7) so here we are: https://gist.github.com/aiden56/62f6725f90fb983637ec3b834edefe51.

Given this result, why would you bother with < 1,000,000 iterations?

PBKDF2 Timer

I once had to answer on the phone, "What's the 5th character of your first pet's name?", and had to respond... "err... exclamation mark". 😅

Is anybody else's first pet called "^lc7HdP!t^@8BnzOT" according to their security questions?

What other security helpers does secureish.com need?

Need to be more secure? Don't worry, secureish.com has you covered!

Bitwarden on Twitter

“@aiden56 Hey Aiden, great question! Absolutely, all user created vault information such as URLs is encrypted. You can see exactly what is stored by exporting and viewing an encrypted JSON file.”

LastPass Leak Update: Encrypted Vaults Leaked, AND **URLs are not encrypted in LastPass**, so all URLs in your vault should be considered public information now, linked to your name and information. Goodbye LastPass, that's crazy bad by design.

Looking forward to Steve and @leo's take on this in SN.

https://blog.lastpass.com/2022/12/notice-of-recent-security-incident/

Security Incident December 2022 Update - LastPass

We are working diligently to understand the scope of the incident and identify what specific information has been accessed.