password

Tue
05
Mar
John Lister's picture

No More Passwords: 'Keys' to Become New Standard

The demise of the password has come a step closer this week with the adoption of a new standard for physical "keys" for logging in to websites. "WebAuthn," as it's called, makes it easier for sites to let users log in through a physical method - ... rather than relying on users having to remember a password. These methods range from USB devices that act like a physical key to biometric devices such as fingerprint or eye scanners. The big hope is that such devices reduce the need to rely on passwords which can be guessed or stolen in data breaches. Browsers Already On Board Having a ... (view more)

Thu
07
Feb
John Lister's picture

Security Researcher Refuses to Share Bug with Apple

A security researcher says he's found a major security flaw in the Mac's password storage tool. But he's refusing to publish the details as a protest against Apple's "bug bounty" program. Linuz Henze has produced a video showing what he calls an ... exploit of the Keychain feature in MacOS Mojave, the current edition of the operating system for Mac computers. Keychain is an application on Macs that lets users save passwords for online accounts and digital certificates so that they don't have to type them in again. Users can also open Keychain and access a full list of passwords. Normally every ... (view more)

Tue
29
Jan
John Lister's picture

Malware Makers Set Sights On Motion Sensor

An extremely creative form of malware on Android devices uses motion sensors to help stay undetected. It's designed to combat one of the key methods used by malware scanning tools. Trend Micro says it found the malware hidden in two Google Play ... Store apps named "BatterySaverMobi" and "Currency Converter," which claimed to provide functions as their names suggest. (Source: arstechnica.com ) Once installed, the apps downloaded malware in the background, then used a fake system update message to trick the user into giving permission to install it. The malware, named " ... (view more)

Thu
06
Dec
John Lister's picture

Quora Site Hacked; Names, Emails and Passwords Stolen

Question site "Quora" has become the latest high-profile hacking victim, with details of more than 100 million users breached. Fortunately, the implications likely won't be as serious as some previous hacks. The site lets users post questions and ... then get answers from other users. A voting system means more helpful answers from its community means the best answers float to the top. Quora says its systems were accessed without authorization and that it discovered the breach on November 30, 2018. It says the exposed information included account information such as name, email address ... (view more)

Thu
22
Nov
John Lister's picture

Microsoft Moves Towards Password-Free Logins

Microsoft has announced several steps towards a world without passwords. It not so much a revolution at this stage, compared to a few measures towards convenience. The changes involve the way people login to Microsoft services such as the online ... edition of Office, Skype, Edge browser and the Xbox Live gaming service (on PCs) - all of which work via a single Microsoft account. Microsoft is building on "Windows Hello," an existing system for logging into a Windows 10 PC using a PIN code, facial recognition or a fingerprint reader, rather than relying on a password. Physical Keys An ... (view more)

Tue
02
Oct
John Lister's picture

Police Use Suspect's Face to Unlock Phone

Police have used a suspect's face to unlock a phone for what appears to be the first time. It didn't go quite as planned and is another step in the law adapting to technology. The man in question was suspected of receiving and possessing indecent ... images of children. Police raided his house with a search warrant and discovered he had a phone which was locked. Historically such cases have proven a grey area when it comes to privacy laws and the rights of police. For example, while law enforcement agencies have argued that, as long as they have a court order, accessing a phone or computer is a ... (view more)

Thu
26
Jul
John Lister's picture

Google Fights Phishing Scams using USB Key

Google says it's suffered zero phishing attacks since it started making staff use a physical key to log in to work accounts. Of course, it's possible it's been hit with attacks it doesn't know about. The measures were taken to prevent against ... phishing attacks in which scammers try to trick victims into following a link and opening a bogus website that appears to be from a legitimate organization. The idea is that they then type in login details which the scammers can use to access their account on the real website. This can be particularly problematic with business accounts that may house ... (view more)

Fri
29
Jun
Dennis Faas's picture

How to Fix: VPNFilter Router Malware (And Test if Vulnerable)

Infopackets Reader Gord F. writes: " Dear Dennis, I have heard from the media and some friends that I should reboot my router due to Russian malware that is infecting routers. I have done some research on the subject and the story made headlines ... back around May 29, 2018, followed by more updates to suggest that the VPNFilter Router Malware is much worse than originally thought. I have checked and mine does not seem to be on the list of affected routers. What should I do now? " My response: From what I understand, the VPNFilter Router Malware affects routers made by Cisco and Linksys, MikroTik ... (view more)

Fri
09
Mar
Dennis Faas's picture

Explained: How to Send and Receive Encrypted Emails (Easily!)

Infopackets Reader Tom G. writes: " Dear Dennis, I am trying to send encrypted email to a friend using MS Outlook . To do so, I purchased a digital certificate from Comodo, then imported the certificate into Outlook. I could send my friend digitally ... signed messages which he could read and reply to. He could send me digitally signed and encrypted messages, which I could read and reply to. However, I could not generate an encrypted message; I could only reply to his. I could not create an encrypted message from scratch. When attempting to initiate an encrypted message, I was told ' Microsoft ... (view more)

Thu
30
Nov
John Lister's picture

'Spectacular' Apple Flaw Left Macs Wide Open for Attack

Apple has been forced to fix a major security flaw in the latest edition of the Mac operating system. The fix makes it far easier for a thief to access a computer's files. The bug is in MacOS High Sierra, which was released two months ago. It's ... widely used as its compatible with most Mac computers released in the past eight years or so. The problem is with root access on the system. That's the highest level of access, giving complete control of the computer and even the opportunity to alter key system files. Normally only the most confident users would enable root access (which then acts a ... (view more)

Pages

Subscribe to RSS - password