PHPNews

Weekly Update 105

It's another day-late weekly update courtesy of another hectic week. Scott and I were at NDC Sydney doing a bunch of talks and other events and I just simply didn't get time to push this out until sitting at the airport waiting for the plan home. This week's update is a little different as we did it at SSW's …

Continue reading »

Written by Troy Hunt - - Aggregated on Saturday September 22, 2018


Extended Validation Certificates are Dead

That's it - I'm calling it - extended validation certificates are dead. Sure, you can still buy them (and there are companies out there that would just love to sell them to you!), but their usefulness has now descended from "barely there" to "as good as non-existent". This change has come via a combination of …

Continue reading »

Written by Troy Hunt - - Aggregated on Monday September 17, 2018


Weekly Update 104

We're on a boat! This week, Scott Helme is back in town so I'm treating him to a rare sight for the Englishman - sunshine ☀️ We're also talking about my .NET Conf talk, Chrome's visual changes (and rolling back some of them), the FreshMenu data breach, getting better at filtering CSP reports, the effectiveness of …

Continue reading »

Written by Troy Hunt - - Aggregated on Saturday September 15, 2018


The 42M Record kayo.moe Credential Stuffing Data

This is going to be a brief blog post but it's a necessary one because I can't load the data I'm about to publish into Have I Been Pwned (HIBP) without providing more context than what I can in a single short breach description. Here's the story: Kayo.moe is a free, public, anonymous hosting service. The …

Continue reading »

Written by Troy Hunt - - Aggregated on Thursday September 13, 2018


The Effectiveness of Publicly Shaming Bad Security

Here's how it normally plays out: It all begins when a company pops up online and makes some sort of ludicrous statement related to their security posture, often as part of a discussion on a public social media platform such as Twitter. Shortly thereafter, the masses descend on said organisation and express their …

Continue reading »

Written by Troy Hunt - - Aggregated on Tuesday September 11, 2018


Weekly Update 103

It's been a week of travel for me with API Days in Melbourne on Tuesday, Fortinet Fast & Secure in Sydney on Wednesday then the Varonis webinar yesterday (recorded, I'll share once it's online). Be that as it may, I did manage to pump out a long-awaited blog post on the total cost of running Pwned Passwords in …

Continue reading »

Written by Troy Hunt - - Aggregated on Friday September 7, 2018


Weekly Update 102

A few little bits and pieces this week ranging from a new web cam (primarily to do Windows Hello auth), teaching my 8-year-old son HTML, progress with Firefox and HIBP, some really ridiculous comments from Namecheap re SSL (or TLS or HTTPS) and a full set of Pwned Passwords as NTLM hashes. I didn't mention it when I …

Continue reading »

Written by Troy Hunt - - Aggregated on Friday August 31, 2018


Pwned Passwords, Now As NTLM Hashes!

I'm still pretty amazed at how much traction Pwned Passwords has gotten this year. A few months ago, I wrote about Pwned Passwords in Practice which demonstrates a whole heap of great use cases where they've been used in registration, password reset and login flows. Since that time, another big name has come on …

Continue reading »

Written by Troy Hunt - - Aggregated on Tuesday August 28, 2018


Weekly Update 101

Home! I got up early today to a balmy 16-degree winter's day as we approach the last week before spring and felt genuinely thankful to be in this location. I've gotta stay home more... This week, there's no new blog posts due to travel commitments so it's a bit shorter, but there's still the usual array of goings …

Continue reading »

Written by Troy Hunt - - Aggregated on Friday August 24, 2018


Weekly Update 100

Made it to 100! And by pure coincidence, it aligned with the week where I've tuned out more than I ever have since gaining my independence which means there's really not much to talk about. But I did want to share a little about the snow in Australia (turns out it's not all beaches) and some thoughts on gov initiative…

Continue reading »

Written by Troy Hunt - - Aggregated on Friday August 17, 2018


Weekly Update 99

It's a traveling weekly update this week as I round out a couple of workshops in Sydney and head to Canberra. That's thrown the normal video cadence out a bit with me recording on a Thursday night (hence the beer) and publishing on a Friday morning, but there's a heap of stuff in there regardless. This week, I'm …

Continue reading »

Written by Troy Hunt - - Aggregated on Thursday August 9, 2018


Weekly Update 98

It's the coffee-machine weekly update! A slight change of scenery but other than that, it's business as usual. I'm going to keep this intro super-brief because it's very near beer o'clock and I have a very important task to go and take care of: BBQ time

Continue reading »

Written by Troy Hunt - - Aggregated on Friday August 3, 2018


Weekly Update 97

Alrighty, 2 big things to discuss today and I'll jump right into them here: Exactis: it's hard to know where to even start with this one and frankly, the more I think about the more frustrated I am that services like this even exist in the first place. But they do and it's worthwhile being aware of them so have a …

Continue reading »

Written by Troy Hunt - - Aggregated on Friday July 27, 2018


Weekly Update 96

This week I'm doing my best "dress like a professional" impersonation as I prepare to record the next episode in our quarterly Creating a Security-centric Culture series . We're putting these out for free every few months and right after wrapping up this week's update, I recorded the next Pluralsight one and that's …

Continue reading »

Written by Troy Hunt - - Aggregated on Friday July 20, 2018