A short illustration of risk management. Demonstrating the concepts of risk mitigation, acceptance, avoidance and transfer. Learn these concepts well and you'll do well in your CISSP exam.

A couple of weeks ago, I ran a highly unscientific survey on twitter. Asking what advice would people give to children about security. The response was overwhelmingly in favour of educating them to be cautious online, not trust people and generally be paranoid. Other comments were more along the lines of teaching them not to … Continue reading Online Safety →

What do you do when a user forgets their password. There are a number of different approaches that can be taken. For an internal user within an organisation, it usually means having to phone up the helpdesk. But where an application is public-facing, running a helpdesk is usually cost-prohibitive therefore, self-service functionality is provided. The … Continue reading Forgotten Passwords →

Some security professionals, be they consultants or vendors have made a healthy living by selling off the back of fear, uncertainty and doubt. This short video is a tribute to all the FUD’sters out there.

Encryption passwords is bad. Try hashing them with a little bit of salt on top. Confused about the terminology - maybe i can clear your confusion with the use of a shoe, a box and a pen & paper.

Whilst Girl-Cynic is recovering from her chicken-pox, Marisa Fagan kindly dropped by from across the pond to talk about secore.info You can stalk Marisa on twitter, http://www.twitter.com/dewzi

Hope you all have a great year ahead of you and despite how bad things may seem, you can always tap into your inner child and have some fun!