Mark's Notebook

My sketchbook, code and other things I'm working on.

Jul 22, 2011 - 2 minute read - Comments - Examples

Two-factor SSH with YubiKey on CentOS 5.6

I believe passwords are the biggest security problem facing public computing, and YubiKey is the answer. A password is often the only thing between your stuff and the people who want to steal your stuff. Passwords fall victim to all sorts of attacks. This little device acts like a USB keyboard. Each time you press the button it generates a thirty-two character one-time password (OTP). There are all kinds of instructions for installing a YubiKey.

Jul 22, 2011 - 1 minute read - Comments - Uncategorized

ESXi USB root password recovery

Recovering the ESXi root password is not like on most Linux systems. You can’t just put ‘single’ into lilo. You need to boot a Linux CD into recovery mode, then:

mount /dev/sda6 to /mnt/sysconfig
cd /tmp
tar zxf /mnt/sysconfig/local.tgz
vi /tmp/etc/shadow and remove the password from the root entry.

That’s all there is to it, good luck!

Jun 14, 2011 - 1 minute read - Comments - Uncategorized

I’m disappointed in you Mr. Gibson

Dear Steve Gibson, On January 29th (2009) I found a flaw in the authentication server used by owners of the YubiKey. It allowed reuse of one-time passwords (OTP) generated by a YubiKey during the same insertion. I documented the problem and contacted Yubico, and you, to confirm my findings. My frustration over this event has continued to bother me, so I’m writing this blog post.

Mar 29, 2011 - 2 minute read - Comments - Uncategorized

YubiKey – Trust But Verify

A little over a year ago I discovered a YubiKey replay attack. The YubiKey is a hardware authentication token that looks like a small USB memory stick, but it is actually a keyboard. At the command of an integrated touch button, the device can send a time-variant, secure login code as if it were typed in from a keyboard. And because USB keyboards are standard on all computers, the YubiKey works on all platforms and browsers without the need for client software.

Mar 8, 2011 - 1 minute read - Comments - Book Reviews

Kingpin

I just finished reading Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground by Kevin Poulsen. This is the best behind-the-scenes look at the new hacker world. If you read Hackers by Steven Levy and/or The Cuckoo’s Egg by Cliff Stoll, this is a must read for you. It is just amazing how much detail and understanding Kevin brings to this book. I had to read and re-read many pages to follow the twists and turns of the rise and fall of Max Vision.

Mar 1, 2011 - 1 minute read - Comments - Random Thoughts

A Beautiful Surprise

I’ve known and lived with Linda, my wife, for over thirty years. You would think that after all that time it would be hard to surprise me. I’ve never thought of Linda as the technical type. She loves people, not things. A few months ago I created a website for her and didn’t do anything more than load the software. She didn’t tell me she was using it. She didn’t ask me how to use it.