@kkarhan @thatguyoverthere @docRekd you assume I expect 'everyone' to write passwords down... In a business setting, or where it's applicable, no.
Again, the use case fits the scenario.
@docRekd @kkarhan if I was using this platform like Twitter, I'd be following you. That is great advice.
@kkarhan sounds good, but would fail... Same reason I don't use WhatsApp, Signal, etc... People won't use it, and the second you don't get an important email from a customer or time sensitive email, they'll go elsewhere for email or have an email for 'unencrypted' comms, and you already lost.
I used Hushmail for years because it allowed for encryption of emails... Except I paid for a service no one uses.
Encrypt the attachment if you need to, send the password in another way, like SMS
@kkarhan because 'security' people treat everyone like shit if they don't do everything EXACTLY as 'they' say...
There's use cases where it's a hard requirement to send information with the highest possible encryption, then there's the 'hey honey, did I leave my socks in the dryer?' does that need the highest possible "Security"? If you say yes, then you're the problem...
I'd imagine y'all are on the same team as 'everyone should have a password manager', even the 'tech illiterate'
Who do you propose speak to the 'tech illiterate' about password managers? We cannot deal in absolutes in #infosec, or you're going to lose the 'tech illiterate'
Do you blame the person or the tech for phishes?
@kkarhan @docRekd no one will remember 64-character passphrases. And we should not ask ppl to do so.
@docRekd, myself, and others have advocated for pragmatic approaches to security, like writing down passwords on paper or a physical book. I ask this of my mother, who visits 2-5 websites and 7 billion people do not have access to her home. Safer option than KeePass even.
The security absolutism requested from 'everyone' is something that our industry needs to take a hard look at.
(he/him) #BrakeSec co-host, #Twitch and #podcast Streamer (https://twitch.tv/brakesec). #infosec #cybersecurity #educator