#all the encryption in the world won't make a difference if you leave the front door cracked open
Explore tagged Tumblr posts
Visit Tumblr Blog
Explore Tumblr blogs with no restrictions, modern design and the best experience.
Last Seen Tumblr Blogs
delightfultreats25
Delightful treats
3 posts
defsmall
-stories-
2 posts
deletedfilmz
DeletedFilmz
9 posts
boburnhamhistorian
Bo Burnham Historian
483 posts
nnoragamis
god of calamity.
110 posts
Fun Fact
Tumblr.com is the 103rd most visited website in the world.
actualbuckybames 2 years ago
Text
All of the points being made here and the undeniable fact that 2FA is less accessible than not having 2FA are valid reasons to critique the widespread implementation of 2FA - particularly when it's made a new requirement with little warning or education for people using those systems.
At the same time, systems aren't implementing 2FA for no reason, and the article doesn't mention the security reasons at all, just that 2FA is a kind of security. That first example in this chain - someone who is not the owner of the account trying and failing to log into a system containing valuable health and billing info because they do not have access to the second factor of authentication - is 2FA working as intended. It's inconvenient, financially burdensome, and outright aggravating in that instance, yes. But it's doing its job.
Credential stuffing attacks simply do not work when 2FA is involved. Those massive data breaches dumping millions of usernames and passwords onto the net go from catastrophic for the affected accounts to merely inconvenient as people who can log in - because they have the second factor - change their password.
Again, I don't mean to downplay how 2FA can prevent well-meaning individuals from aiding friends and family members or how it can be yet another barrier for disabled individuals trying to access certain services. However, websites guarding your information - PHI, financial info, etc. - need to be confident that the person accessing the account is A) who they say they are and B) authorized to access the account. 2FA is one way a site can check off point A. Username and password pairs just aren't enough anymore. Wondering why? Just ask haveibeenpwned and every major data breach in the last few years.
(As an aside, you may have noticed that security questions have also generally gone the way of the dinosaur. This is because the answers tend to be from a limited pool and otherwise easy to guess with information that's available with just a bit of digging.)
No matter what we do, at the current technological moment, security and accessibility are largely a zero-sum game. New developments with webauthn and public-key cryptography show promise for reducing some of the tradeoff, but the tradeoff will still be there. Not everyone can have a cell phone. Not everyone can have an email. Not everyone can keep track of a little usb stick that generates codes every now and then.
2FA isn't going away anytime soon and, unless a 2FA implementation is so horrible it impacts everyone's ability to access the service, it's unlikely to be rolled back. Don't let that stop you from continuing to talk about your frustrations with 2FA. Highlight specific pain points in the process that present difficulties for you. Write them down, make them public, so developers involved in implementing those systems can make them as painless and accessible as possible.
resharing this oldie because i just got a new laptop and the number of times i am being required to login to things, login to a DIFFERENT app/program/password manager/authenticator, provide a number, and then login again is making me fucking INSANE
#2fa#tbh if you have specific complaints i'd love to hear them#i have an interest in 2FA and making security accessible#so yeah#also re: why websites outsource 2FA to apps/sms/etc#software is built on sharing and the principle of not reinventing the wheel#additionally the more options that are out there (in theory) the more accessible 2FA becomes#(with the balance of 'the various solutions have all been vetted')#you may not have the internet to make microsoft authenticator work#but duo doesn't need the internet the generate a code#'2FAand MFA outsources the responsibility for keeping a platform safe away from the company that developed and runs it'#and liquor stores ask to see your driver's license before selling you booze#like i get how it looks to have 2FA not be done by the site you're trying to access#but also that's kinda the whole point#also the article says this:#'It鈥檚 a Band-Aid that many services have reached for in recent years in lieu of developing systems that protect the entire platform'#and that's...just flat out wrong#2FA is not a band-aid. it's an evolution of our understanding of online security#2FA is that system that protects the entire platform#and it does that by trying to ensure that only the intended individuals can get through the gate#all the encryption in the world won't make a difference if you leave the front door cracked open
5K notes View notes
meimi-haneoka 7 months ago
Text
Willow - Akiho/Kaito ficlet
Tumblr media
Oooooh I'm back with another sappy moment between Akiho and Kaito!!
A little story I thought up while I was drawing my latest fanart.
In fact, this ficlet is an accompanying piece of my illustration that you can check out here. This is the first time I do something like this and if it's interesting, I might do it more in the future.
The title comes from Taylor Swift's "Willow", because I was listening to this song a lot when chapter 80 was released, and I had the first idea for this fanart.
Akiho here is 19, and she's by now in a relationship with Kaito.
They reached a point where they basically look the same age (like in my fanart) and still haven't found the spells they are looking for.
There's some "steamy" atmosphere between them, but....well, I'll leave it to you to find out! 馃槀Under the cut, as usual!! (don't miss the bonus with a certain special guest that I've put in my reblogs)
Tumblr media
Akiho plopped down on the carpet in front of a heap of big cushions, holding a big, thick book with a nicely decorated hardcover, a freshly acquired treasure from the local public library.
Despite having already checked two different books, she was ready to take a deep dive into the mysterious contents of the heavy tome in her lap, which thankfully was written in a rune system she already knew, allowing her to decode it without much effort.
The thickness of the book suggested that browsing through it wouldn't turn out to be a quick task, but Akiho didn't seem fazed in the least.
She was in her natural element, after all.
The young woman had no magic powers herself, but in all these years of scouring libraries all over the world looking for two particular magic spells, she had become familiar with a multitude of concepts she only had grazed while living with her clan, reading magic books for them.
Kaito, of course, had filled her in for all sorts of things she didn't know. Magic sources, magic systems, magic jargon...by now, they held no secrets for her.
She knew she couldn't embark on this mission without understanding the matter fully, and she found it fascinating, so she didn't perceive it as a burden nor reignited her personal insecurities of the past. She might not have been blessed with magic in her blood, but it felt empowering to gather knowledge about it, in order to make her wish come true.
However, merely 20 minutes later, Akiho began feeling slightly frustrated at the content of this particular grimoire. She found out that some of the pages had blank spaces right under what appeared to be some sort of code names she never heard of.
"I'll never get to the end of it, at this rate", she murmured.
Yet, the more secretive a book was, the better chance for her to find the complex spells she was looking for. She knew that much.
"Kaito-san...? Could you help me here for a second?"
A few seconds later, the dark haired young man appeared at the door of the library room, pausing for a moment by the threshold. He peered at her intently for what Akiho felt were five very long seconds, and then walked towards her.
To her surprise, he sat down on the carpet and snuggled her from behind.
"Let's see..." he said nonchalantly as Akiho stared straight ahead at the blank space on the book, heat uncontrollably rising from her cheeks while she tried to keep her composure.
"Uhm...some of the procedures for these spells are encrypted with a code name. I'm pretty sure the description won't appear unless someone with magic decrypts them..."
The magician looked intently at the page Akiho was stuck on, and then confidently declared "Siliyaesta...ah, this should be a spell to transmute people into animals".
As if confirming the correct answer, runes appeared on the page among a myriad of colorful sparkles, filling the blank space.
Akiho stared in awe and then grinned enthusiastically.
"You're incredible...there isn't a single spell that can escape your knowledge."
"Just the result of a childhood spent shut in a library to avoid despicable people."
Akiho chuckled in response to his bitter irony.
"...I could've said the same. Well, too bad this has nothing to do with the spells we're looking for."
She quickly turned the next few pages to move to the next magic ritual, when she felt him tighten his embrace and lower his face dangerously close to her ear.
The shiver that went down her spine caused her breath to hitch, loud enough for him to hear. Much to her embarrassment.
"Kaito-san.... this is not the mom-" "Your hair was tickling my nose."
Despite the red of her cheeks deepened further, Akiho couldn't help but roll her eyes. She knew quite well what he was trying to do, even when he feigned ignorance like this. It slightly annoyed her, but also stirred up the butterflies in her stomach. "Damn", she thought while sighing, "he's so childish sometimes".
Kaito had the nerve to smirk, amused by the reaction of the young woman he was clutching tightly, with the eagerness of a three year old with his most beloved teddy bear.
"We need to check as many magic books as possible during this weekend. I have classes again on Monday and you know that between university and my commissions for book repairs, I won't have as much time on weekdays" she gently reprimanded him.
"You're tired, Akiho-san. Put that book down for a moment" he said candidly, with that unnerving grin of his.
"Are you trying to sabotage me?" she retorted, bewildered.
Both knew how important what she was doing was, and it's not like Kaito didn't help with the quest either. The more time passed, the more Akiho could feel anxiety creeping in the depth of her soul. Especially now that they looked basically the same age.
"I wouldn't call this 'sabotaging', I'm just making sure you still have some semblance of eyesight for your classes on Monday", he replied placidly.
Touch茅. The two books and half had taken their toll on her and, admittedly, her eyes felt quite strained at the moment.
"Alright," she finally turned around, still wrapped in his grip, "if that's what you want, then make me."
Blue topaz met amethyst, twinkling in the dimmed light of the library.
Akiho felt Kaito's hands on her stomach shifting, heart beating like a drum, anticipation stifling her breath. His eyes had taken on a devilish glint.
Then, a squeal echoed in the room.
"K-Kaito-san!! No! Please stop!!"
The magician had turned Akiho into a ticklish, laughing mess, grimoire successfully removed from her hands, abandoned on the floor.
After a few minutes he eventually decided to have mercy on the young woman wrestling and squealing in his arms, stopping his tickling attack.
Defeated and breathless, Akiho couldn鈥檛 help but feel a bit annoyed at Kaito鈥檚 triumphant smile, for more than one reason actually, yet she was sure she had fallen in love with him even further, and she couldn't honestly understand how he did that to her.
It was a mystery.
You know that my train could take you home
Anywhere else is hollow
I'm begging for you to take my hand
Wreck my plans
That's my man
Tumblr media
#yuna d. kaito#akiho shinomoto#yunaaki#akiyuna#cosmos & crystals#spilled words#Kaito is a lil' bastard (for a good cause) even several years later#lmao I'll leave it to you to imagine what happened afterwards 馃槒馃槒馃槒#ohohoh#isn't it fun to write for these two when they're grown up?#being able to give full shape to the hints and foreshadowings of their future relationship that were given in the manga
17 notes View notes
thesiliconreview1 2 years ago
Text
Top 6 Cybersecurity Tips For working from home
Cybersecurity tips for working from home
Cybersecurity is vital to remote companies in today's digital world as it helps to protect your data from malware and other cyberattacks. Unlike working from the office, working from home presents more risks of cyber breaches. In a recent survey, 39% of employees admitted that their cybersecurity practices at home were less thorough than those from the office.
Additionally, insider attacks are more common with remote workers than in the office. This is because remote employees are likely to leave their devices exposed to scammers. For that reason, you'd want to establish ways that can enable you to ensure your company data is safe from cybercriminals. That said, here are the top six cybersecurity tips for remote enterprises:聽聽聽
Tumblr media
Use a virtual private network (VPN)
Working remotely comes with numerous advantages, including working from any location. However, employees risk revealing their addresses to attackers using their Internet Protocol (IP) addresses when they work from anywhere. Fortunately, when you useVPN, you can cover your workers' IP addresses and stop hackers from accessing their location and data. A VPN forms a safe tunnel between your team members and your organization's server.
Ideally, a VPN works by setting up links between gadgets. All devices that link up to the VPN establish encryption keys. These keys are used to encode and decode every piece of information sent between the gadgets. This allows you to boost the security of your web session,enterprise file sharing, and sensitive data regardless of location.聽聽
Secure your devices with strong passwords
Passwords offer front-line security against unauthorized access to your private data and devices. Without a password, all your data will be available to everyone who tries to access it. Therefore, when creating your passwords, make them as strong as possible.
A weak password can expose your data to significant security risks. Attackers can find it easy to guess or brute-force, especially if the password is short. According to 2021researchby GoodFirms, 30% of data breaches were caused by weak passwords. Also, 45.7% of users keep the same password for different sites.
That said, here鈥檚 a quick guide to creating asecure password:
Make it at least 12 characters long
Use both lowercase and uppercase letters
Add special characters
Avoid using personal information like email address, date of birth, or easy digit combinations that anyone can guess.
Remember to change your password frequently and never use the same password for numerous applications.
Use two-factor authentication
Cyberattack cases are on the rise as hackers come up with more advanced methods of accessing your devices. In 2021, the average number of cyberattacks and data breaches increased by15.1%compared to 2020. For this reason, you need a better way to secure your devices and keep hackers away.聽 聽
Two-factor authentication (2FA) adds an extra layer of security to your online accounts. Unlike the usual login procedure that requires a username and password, 2FA requires additional credentials for someone to access your account. Usually, these other credentials are some things that belong to you, like a fingerprint, and without them, it's impossible to access your account. This makes it hard for cybercriminals to access your account using the stolen login information.聽聽聽聽聽
Educate your employees about cybersecurity
Negligence is among the significant contributors to cyberattacks. Over 40%聽of reported security breaches are caused by team member negligence. When your employees are unaware of cybersecurity, they won't pay much attention to the safety of their devices. For this reason, ensure you train your remote workers about phishing emails so they won't click on any email they receive.
Also, you can emphasize the importance of updating their systems and the effects of threats on your organization. This way, they can adhere to the best cybersecurity measures and protect their data remotely.聽
Be aware of phishing scams
One of the most common types of cyberattacks is phishing. This accounts for approximatelythree-quartersor 75% of all cyberattacks. Ideally, hackers will send you a message pretending to come from one of your team members or a reputable website. The message usually directs you to a fake website where you may need to enter your personal information, click a link, or download a malicious attachment.
Thankfully, when you're aware of such incidents, you'll always be alert and never accept being a victim. Here are some ways to spot phishing scams:
The email demands urgent action, like loss of opportunity, if you don't take immediate action. Attackers mostly use this trick to make you rush before taking time to read the email.
The email may contain suspicious links and attachments.
The message may request payment information, login details, or other personal data.
The message may have grammar errors, or the domain name may be misspelled.
The email may contain an unusual salutation.
If you notice these signs, don't open any links and attachments until you confirm it's from a legitimate source. Also, consider deleting the message to avoid accidentally opening it in the future.聽
Keep your software up-to-date
It's uncommon for one to ignore an update message that pops up on your screen. An outdated operating system and software have a significant impact on the security of your system. It generates a weak link in your system and a simple route for hackers.
However, with an updated design, you can mend security defects. You won't have any software vulnerabilities that may allow cybercriminals to access your sensitive information. This ensures your data is well protected.
In addition to improving security vulnerabilities,software updatescan boost performance. Software developers may detect bugs in a program and may have to make the necessary changes to boost its functionality. You're sure to have the best experience when you obtain the new version.聽聽 聽
Conclusion
Remote working is arguably one of the most common norms globally. Although this system has numerous advantages, security is one of the biggest challenges you may face. Remember, cyberattacks can have tremendous effects on your business. Thus, you'd want to prevent these impacts using various cybersecurity practices.
Constantly updating your systems and using strong passwords can prevent cyberattacks. Also, using different passwords for each application and, most importantly, training your team members to be constantly vigilant for phishing scams would be helpful. Eventually, you'll run your remote business securely and successfully.聽
#latest news#cybersecurity#tips for wfh#tips#work tips#cyberattack#security
0 notes