From stuartschechter.org
How some of the world's most brilliant computer scientists got password policies so wrong
1 6
The US government’s latest recommendations acknowledge that password composition and reset rules are not just annoying, but counterproductive. The story of why password rules were recommended and enforced without scientific evidence since their invention in 1979 is a story of brilliant people,...
on Nov 15
From stuartschechter.org
0 0
A record of my academic addiction and occasional relapses David Ng, Jacky Ho, Christian Hercules, Cristian Bravo-Lillo, and Stuart Schechter. Do Password Managers Improve Password Hygiene?, Harvard University Tech Report, 2022 Stuart Schechter and Cormac Herley, The Binomial Ladder Frequency...
on Apr 14
From stuartschechter.org
The Safety Tips Dating Apps Omit
0 0
Before creating that dating profile… Consider that you might be travel outed (or trouted) The makers of dating apps mostly present ‘safety’ as a matter of managing the risks of interacting with matches online and in person, and not the risks of trusting an app to facilitate this process. Whether...
on Feb 14
From stuartschechter.org
0 0
Mastodon’s current option for embedding posts (“toots”) on other websites is inefficient, inflexible, and insecure.1 It embeds posts via an iframe element which loads over a megabyte of content and scripts from the Mastodon server. That iframe gives those scripts full control over your webpage.2...
on Oct 25, 2023