This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ncc-announce@ripe.net/
[ncc-announce] Security Breach: Please Enable Two-Factor Authentication
- Next message (by thread): [ncc-announce] [News] Security Breach: Investigation Update
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hans Petter Holen
hph+announce at ripe.net
Thu Jan 4 13:47:13 CET 2024
Dear colleagues, In light of the recent incident where a RIPE NCC Access account was compromised, we urge you to review your own account security. ------------------------------- Two-Factor Authentication ------------------------------- If you have not already done so, enable two-factor authentication on your RIPE NCC Access account. Using two-factor authentication across all of your accounts can reduce your exposure to attacks like these. The guide for setting up two-factor authentication on your Access account can be found at: https://www.ripe.net/participate/member-support/ripe-ncc-access/two-step-verification ------------------------------- Password Recommendations ------------------------------- We also encourage account holders to change their Access account password and follow these recommendations: - Avoid reusing passwords for login credentials. - Use a password manager to automatically create random passwords and store them. - If you use a SaaS based password management tool, enable dark web monitoring for your own credentials. If you choose to create your own password: - Use at least 14 characters to create a password. - Using passphrases can be helpful such as a favourite quote, fictional character name or line of song to greatly increase the length of the password while also making it easier to remember. We are currently investigating the compromise of the RIPE NCC Access account and continue to work with the account holder in question. We would also like to share that we are routinely responding to notifications of possible public breaches containing RIPE NCC Access accounts and actively resetting account passwords while notifying the account holders. In line with the previous resolution by the Executive Board, we are reporting all cases of attempted fraud to the Dutch authorities: https://www.ripe.net/about-us/executive-board/minutes/2017/minutes-110th-executive-board-meeting Rest assured that the RIPE NCC is committed to taking the necessary steps to ensure the security of our services. We are currently investigating how we can change our roadmaps to make two-step verification mandatory for all RIPE NCC Access accounts as soon as possible and, in the longer term, offer a wider variety of verification mechanisms. If you suspect that your account might be impacted, please report it to security at ripe.net. Kind regards, Hans Petter Holen Managing Director and CEO, RIPE NCC
- Next message (by thread): [ncc-announce] [News] Security Breach: Investigation Update
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]