Friday Squid Blogging: Little Squid
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Posted on October 31, 2014 at 4:20 PM
Verified by idiots.
Just been sent to the "verified by visa" site after a purchase
Except the site is listed as .xyzcommerce.com - surprisingly that is actually the correct site. Nice work guys, train your customers to expect bank links to some weird other address.
Enter the passwd. Can't remember it because I hate Vf by Visa.
Fortunately all you need to create a new passwd is the card and your dob.
Use secure passwd. Refused - you have to have 8 characters. Interesting it is obviously ignoring symbol characters.
Swap them for upper/lower case - you have already used this passwd (damn it was probably the current one)
Change the case around - you have already used this passwd
Interesting. so it is rejecting symbols and collapsing case. I wonder if they are even hashing passwds?
Photo of Bruce Schneier by Per Ervland.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.