Jonathan Cogley's Blog
C#, Test Driven Development, Pair Programming, MVP C#, ASPInsider, Secret Server
Browse by Tags
All Tags
»
Security
(
RSS
)
.NET
Blogging
General Software Development
ISV
Software Development
TechEd
Secret Server 4.1 goes live!
Saturday, March 15, 2008 12:56 PM
The team thinks it should be 5.0 since the new features were pretty huge! :) The full release notes are here . The new version includes role based security which allows you to slice and dice the access to various features across your organization. We also have a new feature that allows you to automatically launch Remote Desktop from a secret...
Read More...
Bad password requirements
Thursday, January 24, 2008 9:02 AM
This morning I signed up with a major credit card company website. Much to my surprise I was greeted with this requirement while choosing a password: Your Password should contain 6 to 8 characters . at least one letter and one number (not case sensitive), contain no spaces or special characters (e.g. &, >, *, $, @) and be different from your User...
Read More...
Symmetric Salting - remember that salt goes with more than just hash
Thursday, November 15, 2007 1:26 AM
If you understand hashing and salting then skip the next paragraph. Stored passwords for logins should be hashed and salted. Hashing is a one way mechanism to produce a practically unique value based on the given input. This is useful since we can store the hash (and validate the password whenever needed) without storing the actual password. ...
Read More...
Shipping Software ... Secret Server 3.1 Sneak Peek
Sunday, July 29, 2007 11:45 PM
Shipping software is one of the most exciting times for a development team but this new release is easily the most anticipated version of Secret Server to date by our customers. Secret Server 3.1 will feature the two most requested features from customers who visited our booth at TechEd in June 2007: full Active Directory synchronization along with remote password...
Read More...
Kevin Jones is now an ASP.NET MVP!
Tuesday, April 10, 2007 4:21 PM
Our own Kevin Jones has been awarded MVP for ASP.NET by Microsoft. This award recognizes his excellence in technical skills and his contributions to the community in spreading best practices in software development. Kevin has been instrumental in the development of Secret Server since 2.0 and now including Secret Server Online. He has been involved in some fun...
Read More...
Secret Server 1.1 makes the Daily Grind
Tuesday, March 28, 2006 1:03 PM
Mike Gunderloy, one of our early adopters, has added our Secret Server 1.1 release to the Daily Grind today! This is a huge compliment from a guru in tools, development and the developer community. Thanks Mike! If you don't know about the Daily Grind , read all about it here . Jonathan Cogley is the CEO and founder of thycotic, a .NET consulting company and ISV...
Read More...
Feeling your users pain (and release notes for Secret Server 1.1)
Monday, March 27, 2006 11:44 AM
It is a wonderful feeling to ship software - it has been a long hard slog to get this round of features complete. Especially while juggling our developers across various projects and client work. This is also a welcome release as we get to use all the new features in our own company Secret Server instance. It is also a relief to finally get rid of those few really...
Read More...
Secret Server 1.1 is out ... go and get it!
Monday, March 27, 2006 2:31 AM
I haven't blogged in a few weeks but I have a few good reasons. Client projects with tight deadlines, the final push for our second big release of Thycotic Secret Server and also holding back on the irresistable urge to talk about features that aren't released yet (not much of a marketing person, huh?). We have listened to feedback and added several features...
Read More...
Keep the numbers meaningful in Security Reviews
Tuesday, December 13, 2005 12:42 AM
I just came across this post (older) by Robert Hurlbut titled "DREAD is dead" and it reminded me of our experiences with these same ratings today. We are in the middle of a Security Review for a client and have been working through our threat model to assess the risk associated with each item. DREAD is a technique for assessing such risk using the factors: D...
Read More...
More Posts
Go
This Blog
Home
Contact
Links
Tags
.NET
.NET User Groups
Agile
ASP.NET
Blogging
Books
Code Camp
Continuous Integration
Design Patterns
DevConnections
Extreme Programming
Fun
General Software Development
ISV
Java
jquery
Microsoft DevDays
Microsoft Partner
Open Source
Pair Programming
PDC
PghDotNet
Refactoring
RegEx
Remote Scripting
Security
SharePoint
Software Development
SQL Server
TDD
TeamLead
TechEd
Test Driven Development
VB.NET
Navigation
Home
Blogs
Archives
October 2011 (1)
May 2011 (1)
April 2011 (1)
March 2011 (3)
December 2010 (1)
October 2010 (1)
August 2010 (2)
July 2010 (2)
April 2010 (2)
March 2010 (4)
February 2010 (2)
December 2009 (2)
November 2009 (7)
August 2009 (1)
July 2009 (2)
June 2009 (2)
May 2009 (3)
April 2009 (5)
March 2009 (2)
April 2008 (5)
March 2008 (10)
February 2008 (1)
January 2008 (4)
December 2007 (2)
November 2007 (2)
October 2007 (2)
August 2007 (1)
July 2007 (2)
June 2007 (3)
May 2007 (3)
April 2007 (3)
March 2007 (7)
February 2007 (4)
January 2007 (4)
December 2006 (1)
November 2006 (3)
October 2006 (6)
August 2006 (2)
July 2006 (2)
June 2006 (2)
May 2006 (3)
April 2006 (5)
March 2006 (4)
February 2006 (2)
January 2006 (5)
December 2005 (9)
November 2005 (1)
October 2005 (2)
September 2005 (9)
August 2005 (2)
July 2005 (2)
June 2005 (3)
May 2005 (4)
April 2005 (6)
March 2005 (5)
February 2005 (1)
January 2005 (2)
December 2004 (3)
November 2004 (8)
October 2004 (12)
September 2004 (5)
August 2004 (1)
July 2004 (3)
June 2004 (1)
May 2004 (6)
April 2004 (2)
March 2004 (3)
February 2004 (5)
January 2004 (2)
December 2003 (3)
October 2003 (2)
September 2003 (2)
August 2003 (1)
Syndication
RSS
Atom
Comments RSS