Every time when you open a document in Advanced Office Password Recovery it performs the preliminary attack in case when the "file open" password is set. This attack tries all passwords that you recovered in past (which are stored in password cache), dictionary attack and finally the brute-force attack is running.

In brief, here is the "problem": for years (I think starting from Windows 3.0 released almost 20 years ago), the passwords are being masked as you type them (in most programs what have any kind of password protection, and an operating system itself), i.e. replaced with asterisks or black circles. What for? To prevent the password from being read by someone who stands behind you.

New statistics* shows disaster recovery (DR) is getting more attention, and more upper level execs become involved with DR issues. Ideally, each company should have an emergency plan in case of power/system failure, loss of access, outside attack, sabotage or else – called DRP (disaster recovery plan) or even DRRP (disaster response and recovery plan). DRP is only a part of risk management practices which ensure emergency preparedness and risk reduction and include such initiatives as regular data backups, stocking recovery software, archiving, etc. – these activities are reflected in PMI and NIST standards.

In my previous post I suggested several variants of computer security translated by different laws. Now I’d like to get to ciphers…again viewed by law.

Most laws define security obligations as reasonable, appropriate, suitable, necessary, adequate etc. without giving more precise directives to follow. Is it good or bad? And what should be known about these standards?

In this entry I’d like to suggest a kind of a list of various legal decisions on password [ab]use I could find on the web. Your add-ins are welcome, just put in any other acts you know…

 Today’s technologies allow staying online practically 24 hrs a day, periodically falling into a sleeping mode. The Internet became easily accessible and numerous devices can connect us to the web from everywhere, and every time when we surf the web we are being registered, at least via IP address of our devices. 

Wow, Adobe rethinks PDF security. Curious why? Because of vulnerabilities in Abobe Reader (and so zero-day exploits), of course. From the article:

Time is money, difficult to contradict this fact. And another proven fact is that you lose something exactly when something turns out to be absolutely necessary. Once you lost a password to your Word document or presentation that you were going to give in an hour, or Excel report which was supposed to be sent to your manager yesterday… you will count seconds before you get back your files. (more…)

A number of D-link routers are now equipped with captcha feature. Sounds interesting.