Profile

Cover photo
Cam Morris
Works at Partnet
29 followers|6,170 views
AboutPostsPhotosYouTube

Stream

Cam Morris

Shared publicly  - 
 
Last night's OAuth 2.0 - OpenID Connect presentation.   Feel free to clone, modify and reuse.  (I had a lot of fun with prezi.  It keeps getting better for building presentations)
1
Add a comment...

Cam Morris

Shared publicly  - 
 
Announcing OWASP Passfault v0.8 'Highlander', named for the students of NJIT that worked on it. Goal of Passfault?: Better passwords!
1
1
Cameron Morris's profile photo
Add a comment...

Cam Morris

Shared publicly  - 
 
Today, the next major version of HTTP took a big step toward becoming a reality; it's been officially finalized and now moves towards being fully standardized. According to a blog ...
1
Add a comment...

Cam Morris

Shared publicly  - 
 
#PasswordFail of the Day.  
Generated random password: vi8Seig0Yot7eihauf3yeCh9.  
Password length: 24 Characters.  
Intel: "Password must contain at least 1 of the following !@#$% special characters"
Next try: 12Intel!
Intel: "Congratulations, your account has been created!"
1
Add a comment...

Cam Morris

Shared publicly  - 
 
IntelliJ's free editor is incredible.  They just gave me a free license for the super-duper version for me to to work on my OWASP project.  Below is the link if you are interested in doing the same.
Open Source licenses are available to non-commercial OS software projects that meet the Open Source definition and a set of additional criteria. Please make sure that you meet the following criteria: You are the project lead or a regular committer. Your OS project meets the Open Source ...
1
Add a comment...

Cam Morris

Shared publicly  - 
 
Promising new technique to hash passwords
Polypasshash : A Password hashing scheme that prevents an attacker from cracking passwords individually and efficiently.
1
Cam Morris's profile photo
 
"At a high level, the idea behind this work is to store protection information such as the key in a way that it is recoverable only with a threshold of passwords. Thus the key does not reside on disk, but instead lies within the minds of the users (unbeknownst to them). By leveraging a threshold system, users organically provide the threshold of correct
passwords (typically 2-4) needed when logging in."
Add a comment...

Cam Morris

Shared publicly  - 
 
Objective: Do Passwords Better
 
Announcing the OWASP Passfault 0.7 "Gator" release!  This release is named for the volunteers from the University of Florida that contributed.

The goal of the next release will be towards integrating with ESAPI.  Roadmap here: https://www.owasp.org/index.php/OWASP_Passfault#tab=Road_Map_and_Getting_Involved
1
2
Cameron Morris's profile photoCheckmarx's profile photo
Add a comment...
Have him in circles
29 people
Trace Peters's profile photo
Dennis Groves's profile photo
杨利's profile photo
Gaurab Raj Pant's profile photo
Partnet, Inc.'s profile photo
BCC Risk Advisory's profile photo
Matt Tesauro's profile photo
Andrew van der Stock's profile photo
Surya Prakash's profile photo

Cam Morris

Shared publicly  - 
 
This is going to awesome.
 
@PartnetInc Enters the Automated Testing Market with our new Open Source Automated Testing Software, SeAuto
Partnet Enters the Automated Testing Market with their Open Source Automated Testing Software, SeAuto. Create a robust, browser-based test automation framework with a single command. SALT LAKE CITY – March 31, 2015. Partnet, Inc. announced today the worldwide release of SeAuto ...
View original post
1
Add a comment...

Cam Morris

Shared publicly  - 
 
5 most impactful OWASP projects in my career in security and development: 1 Cheat Sheets, 2 OSAMM, 3 Dependency Check, 4 ZAP, 5 Cornucopia
1
Cam Morris's profile photo
 
Runners up: Top Ten and WebGoat
Add a comment...

Cam Morris

Shared publicly  - 
 
“The ability to attack is certainly outpacing the ability to defend,” said Lillian Ablon, a security researcher at the RAND Corporation. “We’re constantly playing this cat and mouse game, but ultimately companies just patch and pray.”
The hacked records, discovered by a Milwaukee-based security firm, include username and password combinations and more than 500 million email addresses.
1
Add a comment...

Cam Morris

Shared publicly  - 
 
Here is a Presentation/Demo of OWASP Passfault.  Thanks OWASP for sponsoring the webinar and giving me a voice.  
1
Doug Erickson's profile photoCam Morris's profile photoJason White's profile photo
3 comments
 
Nice job Cam
Add a comment...

Cam Morris

Shared publicly  - 
 
I'll speak about passwords and OWASP Passfault at OpenWest Conference May 8-10
Does this policy make my password look fat? Cameron Morris (10.May.2014 at 10:00, 50 min) Talk at OpenWest 2014 (English - US). Rating: 0 of 5. Everyone knows passwords are the weakest link. OWASP Passfault is a project made to fix it. It's a new technique for analyzing passwords and enforcing ...
1
Add a comment...
People
Have him in circles
29 people
Trace Peters's profile photo
Dennis Groves's profile photo
杨利's profile photo
Gaurab Raj Pant's profile photo
Partnet, Inc.'s profile photo
BCC Risk Advisory's profile photo
Matt Tesauro's profile photo
Andrew van der Stock's profile photo
Surya Prakash's profile photo
Basic Information
Gender
Male
Relationship
Married
Work
Occupation
Software Security Specialist (50% Developer, 50% Security Guy)
Employment
  • Partnet
    Software Security Specialist, present