passwords

Wed
24
Apr
John Lister's picture

WiFi Hotspot App Leaks 2M Passwords, Many Residential

An app designed to make it easier to get on public WiFi has accidentally exposed more than two million WiFi passwords. It appears to be a case of terrible design, rather than pure malice by the app designers. The app is called "WiFi Finder - connect ... to hotspots" and is listed on the Google Play store as having more than 100,000 downloads. In theory the app is part of a project to make using WiFi on the move more convenient. It's designed to be a massive database to which users can add public WiFi networks and the relevant passwords. For example, visitors to a coffee store could add the ... (view more)

Tue
05
Mar
John Lister's picture

No More Passwords: 'Keys' to Become New Standard

The demise of the password has come a step closer this week with the adoption of a new standard for physical "keys" for logging in to websites. "WebAuthn," as it's called, makes it easier for sites to let users log in through a physical method - ... rather than relying on users having to remember a password. These methods range from USB devices that act like a physical key to biometric devices such as fingerprint or eye scanners. The big hope is that such devices reduce the need to rely on passwords which can be guessed or stolen in data breaches. Browsers Already On Board Having a ... (view more)

Wed
20
Feb
John Lister's picture

Report: Most Password Managers Not Secure

Security researchers say some major password manager tools could be flawed. But they also say it's still sensible to use them, just with a degree of caution. It's a fact that using the same password for multiple sites is a massive security risk. ... That's because if one site gets hacked, it could mean that hackers can use the same password on another website to gain access to potentially sensitive information, resulting in identity theft or financial loss. Password manager tools (such as Roboform and Dashlane ) aim to overcome two big dilemmas with online passwords - which is keeping passwords ... (view more)

Thu
07
Feb
John Lister's picture

Security Researcher Refuses to Share Bug with Apple

A security researcher says he's found a major security flaw in the Mac's password storage tool. But he's refusing to publish the details as a protest against Apple's "bug bounty" program. Linuz Henze has produced a video showing what he calls an ... exploit of the Keychain feature in MacOS Mojave, the current edition of the operating system for Mac computers. Keychain is an application on Macs that lets users save passwords for online accounts and digital certificates so that they don't have to type them in again. Users can also open Keychain and access a full list of passwords. Normally every ... (view more)

Thu
06
Dec
John Lister's picture

Quora Site Hacked; Names, Emails and Passwords Stolen

Question site "Quora" has become the latest high-profile hacking victim, with details of more than 100 million users breached. Fortunately, the implications likely won't be as serious as some previous hacks. The site lets users post questions and ... then get answers from other users. A voting system means more helpful answers from its community means the best answers float to the top. Quora says its systems were accessed without authorization and that it discovered the breach on November 30, 2018. It says the exposed information included account information such as name, email address ... (view more)

Thu
25
Oct
Dennis Faas's picture

How to Fix: Hackers Hacked My Email, Demand Bitcoin (Scam)

Infopackets Reader Sam G. writes: " Dear Dennis, I get emails from hackers a few times a week saying that they have cracked my email account. As proof, they have supplied me with the correct password for the account. The message goes on to say that ... they have planted a Trojan on my computer which allows them to spy on me. Here's where it gets interesting. The hackers say I have been visiting websites of people in the buff. They are demanding I pay them bitcoin (worth $831) to keep this quiet, otherwise they will send images from the purported site I've visited and also a picture of me on my ... (view more)

Mon
05
Mar
Dennis Faas's picture

Explained: Do I Need Norton Identity Protection and Similar Services?

Infopackets Reader Marjie H. writes: " Dear Dennis, I just received an email offer from Norton Security asking if I would like to enroll in the Norton Identity Protection. In order to do so, the form says I need to provide my social insurance ... number. The protection being offered is free, so long as I renew my Norton Antivirus subscription. From what I understand, this service includes protection against personal credit, credit cards, bank, social insurance number (SSI), etc. My question is - with all this information they are asking for, what is the possibility they could be hacked and all my ... (view more)

Wed
20
Dec
John Lister's picture

'Password' Still a Common Password in 2017

A security company has released its list of the worst passwords of 2017. As always with this annual survey, it tells us more about culture than security practices. The list comes from SplashData, which compiles the rankings based on how many times ... particular passwords appears in leaked lists of user databases (mainly among English language users). The survey this year totaled more than five million passwords, though it's worth noting the company deliberately excluded leaks of passwords from adult sites. (Source: cnet.com ) The most common are hardly any surprise with "123456" beating out " ... (view more)

Thu
31
Aug
John Lister's picture

700 Million Email Accounts Hijacked by Spammers

More than 700 million email addresses and passwords have been leaked online. While many are bogus, enough appear to be genuine that security experts have advised users to change their email passwords. The collection of account details does not ... appear to have been used for identity theft or other fraud. Instead, the collection has been marketed as a way to send spam messages. The idea is that spammers can login to the compromised accounts in order to send their unsolicited emails. This effectively flies under the spam radar, as most spam comes from IP addresses without any reputation. In this ... (view more)

Wed
09
Aug
John Lister's picture

Report: Widely Adopted 'Password Rules' May Actually Backfire

The man behind some of the most commonly held advice on creating passwords says he was wrong on several points. Bill Burr says the real problem with his tips were that they led to predictable behavior. Burr's advice came in a short 2003 document ... produced by the National Institute of Standards and Technology. Because of the institute's prestige, the advice was widely adopted and cited, with both employers and sites often insisting that passwords meet the guidelines. (Source: wsj.com ) Mix of Characters Hard to Remember One part of the advice was to use a mix of capital letters, lower ... (view more)

Pages

Subscribe to RSS - passwords