What a misleading and deliberately inflammatory title.
-
@tychotithonus Welcome to knowbe4. They have a long history of very slimey sales and marketing teams.
@Xavier @tychotithonus dig kevin up and hang him from the city gates
-
R relay@relay.infosec.exchange shared this topic
-
What a misleading and deliberately inflammatory title.
I am incensed. Public communication matters.
Your Password Needs To Be 25 Characters or Longer Due to AI and Quantum Attacks
Prior to my further research into AI and quantum for my latest book, How AI and Quantum Impact Cyber Threats and Defenses, I had pretty solid password...
(blog.knowbe4.com)
@tychotithonus knowbe4 are a pack of frauds
-
What a misleading and deliberately inflammatory title.
I am incensed. Public communication matters.
Your Password Needs To Be 25 Characters or Longer Due to AI and Quantum Attacks
Prior to my further research into AI and quantum for my latest book, How AI and Quantum Impact Cyber Threats and Defenses, I had pretty solid password...
(blog.knowbe4.com)
@tychotithonus LOL
I feel like this is my personal war: I don't care how long or complex your password is, and neither should you, because your passwords should be generated-by and stored-in a password manager
Your biggest risk is having a password stolen on one site that you use in another, not in people magically cracking it
-
@tychotithonus LOL
I feel like this is my personal war: I don't care how long or complex your password is, and neither should you, because your passwords should be generated-by and stored-in a password manager
Your biggest risk is having a password stolen on one site that you use in another, not in people magically cracking it
@iagox86 @tychotithonus knowbe4 forces their customers to allow them to have direct to inbox access, bypassing all security, thereby rendering their entire service meaningless, since none of their shit could ever make it past real filtering
-
@iagox86 @tychotithonus knowbe4 forces their customers to allow them to have direct to inbox access, bypassing all security, thereby rendering their entire service meaningless, since none of their shit could ever make it past real filtering
WHAT!?!?
I did not know that. I have heard their name mentioned in edu circles, but I have never looked deeply into their service.
What. A. Shitshow.
-
@iagox86 @tychotithonus knowbe4 forces their customers to allow them to have direct to inbox access, bypassing all security, thereby rendering their entire service meaningless, since none of their shit could ever make it past real filtering
@Viss I mean, to be fair, if your goal is to track which people click on the thing, the thing has to go through. They're testing a different layer of the controls, so to speak.
Though I am not personally a fan of that -- it feels like "gotcha infosec" when done wrong, and it usually is, and I usually recommend people take that money and spend it on phishing-resistant MFA instead - I do see why it needs a clear path inward to test what it's testing for.
-
@Viss I mean, to be fair, if your goal is to track which people click on the thing, the thing has to go through. They're testing a different layer of the controls, so to speak.
Though I am not personally a fan of that -- it feels like "gotcha infosec" when done wrong, and it usually is, and I usually recommend people take that money and spend it on phishing-resistant MFA instead - I do see why it needs a clear path inward to test what it's testing for.
@tychotithonus dude i designed twitters entire platform, in house, from scratch, and no, you dont have to do ANY of their bullshit
-
@tychotithonus dude i designed twitters entire platform, in house, from scratch, and no, you dont have to do ANY of their bullshit
@tychotithonus i tracked eeeeeeeeverything. and i still have all my old code
-
WHAT!?!?
I did not know that. I have heard their name mentioned in edu circles, but I have never looked deeply into their service.
What. A. Shitshow.
@funnymonkey @iagox86 @tychotithonus they are legitimately "the cheapest possible option available so you can tell your business insurance org that you do phishing training"
-
@tychotithonus i tracked eeeeeeeeverything. and i still have all my old code
@Viss Huh, I had never really thought about how that work work if it didn't traverse the same inbound email path as everything else without special handling. I don't mean to pry, but I'd be interesting in learning about that!
