Posts Tagged ‘security’

A better WannaCry advisory for schools

The Ministry of Education sent out a very poor advisory to schools about “WannaCry” today, based primarily (from what it seems) on the poor information coming from CERT-NZ. The advisory contains several factual errors, which the Ministry should not be spreading to schools.

I’ve written an improved advisory (I’ll update it as required).

Continue reading

Advertisements

Why “3 tries and you’re locked” *weakens* security

Some organisations have a security policy that after three failed authentication attempts an account is locked (requiring manual unlocking by an IT support person) – the goal is to strengthen security, but this actually decreases the security of the organisation. Continue reading