Passwordless password manager

Posted on Mar 3, 2011 in blog, Security, Tips

Most people I know tend to simply use the same password on ALL websites. Email, PayPal, Amazon, eBay, Facebook, Twitter. This is obviously a very bad idea. Passwords are always a problem. Difficult to remember, hard to think of a good one when you need a new one, tricky to keep safe. For the moderately-paranoid and the sufficiently-techie there are many good solutions out there. Password managers. Online, offline, commercial, free. So I usually suggest that my friends and colleagues use a password manager. I personally like to use Clipperz (online). I also used KeePass (multi-platform). Both free and …

Open-source Security Assessment

Posted on Jan 11, 2011 in blog, Bugs, Development, Security, Testing

Perhaps this is not strictly related to Testuff, but my article with Dr. Carlos Cid was recently published on SearchSecurity. Hope it might give some of you ideas on evaluating security for open-source as well as closed-source projects. The scope covers more than security-testing, but touches on elements of testing and assessment for security bugs that might be of interest to the testing community.

Yoav
The Testuff Team