Social Media Security Podcast 30 – The Password Episode

This is the 30th episode of the Social Media Security Podcast sponsored by SecureState.  This episode was hosted by Tom Eston and Scott Wright.  In this episode we talk about the password problem and why we continue to choose easy to guess passwords.  Tom and Scott also talk about ways to select more secure passwords and how technology can help.  Below are the show notes, links to articles and news mentioned in the podcast:

The password Episode!  It’s episode 30!

Major password breaches in the last few months:
Brute force attacks on passwords is the #1 way we break into companies during pentests! Want to see the poor passwords people choose? SkullSecurity has very good lists from previous breaches.  Looking for more information? Tom wrote a white paper on how easy it is to profile user passwords on social networks.
The password problem.  Users continue to make poor password choices. Why? 
  • Too many to remember?
    • It’s easier to use the same password for each site
    • Also the same user id and email
  • Failures in user awareness?
  • Users are not provided the technology to help
  • Social networks and other sites make it easy to choose weak passwords, little adoption of two factor authentication because users will complain
  • Mobile apps are not designed to constantly enter passwords.  This is why you “stay logged in”.
Worse case scenario?
What is the solution?
Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening!

Social Media Security Podcast 26 – Google +, New Facebook Privacy Controls, FBPwn Tool

This is the 26th episode of the Social Media Security Podcast recorded September 8, 2011.  This episode was hosted by Tom Eston and Scott Wright.  Below are the show notes, links to articles and news mentioned in the podcast:

Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes and follow us on Twitter.  Thanks for listening!

Social Media Security Podcast 11 – Google Buzz, Geostalking, Twitter’s Phishing Filter

This is the 11th episode of the Social Media Security Podcast recorded March 15, 2010.  Sorry for the delay on releasing this!  We should be back on our biweekly schedule soon.  This episode was hosted by Tom Eston and Scott Wright.  Below are the show notes, links to articles and news mentioned in the podcast:

Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes. Thanks for listening!

Social Media Security Podcast 5 – Google Reader, Privacy, Wave, ChromeOS and Foursquare

skullThis is the 5th episode of the Social Media Security Podcast recorded November 20, 2009.  This episode was hosted by Scott Wright and Tom Eston. Kevin Johnson will be joining us for the next podcast.  Below are the show notes, links to articles and news mentioned in the podcast:

Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast in iTunes! Thanks for listening!

Social Media Security Podcast 4 – Death by Twitter, Open Source Intelligence, Policies, Google Wave

skullThis is the 4th episode of the Social Media Security Podcast recorded November 6, 2009.  This episode was hosted by Scott Wright, Tom Eston and Kevin Johnson.  Below are the show notes, links to articles and news mentioned in the podcast:

  • More scams on Twitter including the recent IQ quiz attack.  Disinformation on social networks…someone died example..are you sure they are really dead?
  • Tom talks about his Open Source Intelligence Gathering talk that he recently gave.  How do you find information posted about your company on social networks and why should you look?  Now is probably a good time for your company to create a social media strategy and then develop a Internet postings policy around this strategy.
  • Cisco has a great Internet posting policy to reference when created one for your company.
  • Scott talks about creating a postings policy for your company.  Here is a link to the Forrester book titled “Groundswell” that talks about creating a social media strategy.
  • Kevin talks about Google Wave.  What is it and why would we want to use this?  What are some of the security issues with Google Wave?  Check out the great research that theharmonyguy has been doing on Google Wave.
  • Developers! Please start coding securely from the beginning of the project! ktksbai.
  • Be sure to follow us on Twitter to stay up-to-date on all the latest news in the world of social media security!

Please send any show feedback to feedback [aT] socialmediasecurity.com or comment below.  You can also call our voice mail box at 1-613-693-0997 if you have a question for our Q&A section on the next episode.  You can also subscribe to the podcast now in iTunes! Thanks for listening!