KeyChest Blog

What are the impacts of cryptography in IT?

May 19, 2019 9:18:49 PM / by Dan posted in security, quora, risk management

0 Comments

Let me assume your question is about the impact on IT users. If you want to think about cryptography as a mechanism to achieve a business / user value, you can see it as a means to extend “trusted environment”.

Read More

Are passwords really more secure if they must be so complex that I can't remember them and write them down?

May 19, 2019 9:15:37 PM / by Dan posted in security, quora, password, risk management

0 Comments

Let me start with a question - why do banks believe that 4 digit PIN on your credit card is secure when a random guess have a chance of 1 in 10,000 to be correct. Does 3496 sound that much more secure than “password123” ?

Read More

How secure is a 10 digit passcode with numbers ranging from 1-10?

May 19, 2019 9:14:10 PM / by Dan posted in security, quora, password

0 Comments

I don’t think anyone can answer this question.

Read More

What would happen within one year after RSA got suddenly broken?

May 19, 2019 9:10:02 PM / by Dan posted in security, quora, incident response

0 Comments

It is not so hypothetical question as ROCA attack gave as a taste of that in Autumn 2017. A lot of stuff was happening behind the scenes and I believe there are many enterprises yet to realise some important vulnerabilities (e.g., encrypted documents without proper protection).

Read More

ROCA - vulnerability in Infineon RSA key generation

Oct 31, 2017 11:16:00 PM / by Dan posted in security, key management, attack

0 Comments

Quantum cryptography is still some years away from being anything but an interesting research area. But if you want to see what it is to suddenly have all your keys broken, look the ROCA vulnerability.

Read More

KeyChest instant audits

Sep 2, 2017 11:08:00 PM / by Dan posted in security, keychest, risk management

0 Comments

What is KeyChest and its spot check good for?

You may ask why you need another tool, when there's SSL Labs auditing tool, which tells you all you need about the security of your website. The answer is simple,  KeyChest is much more about keeping your servers available than secure. You can only do a thorough security audit on servers, which have been configured and use the certificate you want.

KeyChest.net is about keeping your business up and running. It may be prudent to reach A+ rating at SSL Labs in April, but it doesn't help if your customers can't access your online store in July.

KeyChest gives you all the information you need to keep your servers' SSL certificates up to date. It allows you to plan certificate renewals and tells you when something broke and needs a closer look. This protects you from downtimes as you can plan certificate renewals with enough to resolve any potential problems. Spot checks of KeyChest also help you set up your servers so that your users, customers, and clients can use them and connect to them reliably as we detect issues that may cause random unexpected problems to access your web services.

KeyChest features a powerful Dashboard with details of all your certificates in one place. Dashboard tables list relevant issues, from DNS lookup errors, incomplete trust chains, or certificate expiration dates.

If you just want to keep an eye on your administrators, KeyChest will send you a brief email with all the important metrics.

We also want to show you who issued your certificate and how to save money on the next one. Make you aware of any new certificates issued for any of your servers. One of the main extensions would be integration of reminders into your calendar.

The biggest problem of the security of your servers is that you need to create a new key and certificate. It can be every three months, or once in 2-3 years. The harsh reality is that if you don't do it, your online business will simply grind to halt.

Read More