passwords

Mon
23
Jun
John Lister's picture

16 Billion Passwords Leaked

A collection of 16 billion login credentials has been discovered by security researchers. Despite the huge number, the researcher say the real problem is just how commonly records appear online. The discovery was made by Cybernews which assigned ... researchers to trawl as many online locations as possible to discover records. They found 30 datasets, of which just one had been widely known about and reported in the media. (Source: cybernews.com ) The datasets ranged from one of "just" 16 million records to one, apparently made up of details of Portuguese speakers, which had 3.5 billion records. ... (view more)

Thu
12
Jun
John Lister's picture

Microsoft Authenticator to Drop Password Storage

Users of Microsoft Authenticator have just a few weeks to move passwords away from the tool. From August, 2025, passwords will be inaccessible and in some cases deleted. Microsoft Authenticator is an app with a range of security features. A key one ... is as a two-factor authentication tool for websites. In simple terms, the website asks Microsoft to verify somebody's identity, the users does so in the app (for example with a fingerprint scan), and then Microsoft confirms the user is who they say there are. This means the website doesn't have to store login details for the user. Authenticator ... (view more)

Fri
21
Feb
John Lister's picture

Chrome Could Automatically Change Leaked Passwords

Chrome may soon make it even easier to change a password after a data breach. An in-test feature would actively change the password on the user's behalf. The change would affect what happens when Google auto-fills a password field using a stored ... password. The browser already checks such stored passwords against a database of passwords that have been breached and released publicly. At the moment Chrome will simply warn users about such a breach and prompt them to change it. However, the user will need to manually go to the password settings section or account settings on the website in ... (view more)

Fri
11
Oct
John Lister's picture

Facebook Fined for Password Failure

Facebook's parent company has been fined the equivalent of $100 million for storing user passwords in plain text. Failing to encrypt the passwords breached Europe's General Data Protection Regulation (GDPR). Meta, which runs Facebook and Instagram, ... broke the rules despite there being no evidence that anyone accessed the passwords without authorization or that anyone was then able to access accounts. Delay In Coming Clean The company was found to have breached the GDPR on four counts. Two involved failing to adequately secure personal data, one involved not properly documenting these failures ... (view more)

Wed
28
Aug
John Lister's picture

Ransomware Turns to Triple Threat

A notorious ransomware group has engaged in a "triple threat" attack. As well as locking files and threatening to expose data, the Qilin group has been spotted trying to steal saved passwords from Chrome. The Qilin group appears to have been ... operating for at least two years but came to wider attention in 2022 when it attacked British hospitals. The group's origins and membership aren't known for certain, but it has communicated in Russian. As is becoming more common, Qilin doesn't simply restrict itself to encrypting files and systems and then demanding a ransom payment to restore access. It ... (view more)

Tue
23
Jul
John Lister's picture

10 Billion Password Leak Not What It Seems

Reports that hackers have got their hands on 10 billion passwords have been slightly overblown. The file includes passwords up to 20 years old and many may never have been used at all. The "leak" involves an online post of a text file dubbed ... "RockYou 2024" which is said to contain 9,948,575,739 unique passwords, all stored in plain text. It appears to be an update from a similar file published in 2021, with "only" 1.5 billion of the passwords added since that time. Cybernews estimates it contains passwords compiled from around 4,000 databases over the past 20 years. (Source: cybernews.com ) ... (view more)

Mon
15
Jan
John Lister's picture

23andMe Blames Victims for Information Hack

DNA and ancestry site 23andMe has told victims of a major hack that it's their fault for not using unique passwords. The claim came in a letter aimed deterring victims from proceeding with a class action case. The site admitted last month that ... almost 7 million customers have been affected by a data breach. Hackers directly accessed personal data including DNA information of about 14,000 people. However, they were able to get some personal data of another 6.9 million people that enabled a feature to share information with potential relatives. Unsurprisingly, this led to legal action from ... (view more)

Thu
01
Jun
John Lister's picture

Amazon Hit By $30 Million Privacy Penalty

Amazon has agreed to pay a total of $30 million in penalties for privacy violations related to its Ring and Alexa devices, according to an announcement by the Federal Trade Commission (FTC). The penalties consist of $25 million for allegedly ... retaining children's data without deletion and $5.8 million for failing to limit employee and contractor access to Ring security videos. (Source: cnet.com ) The settlements do not require Amazon to make any admission of legal wrongdoing. (Source: theguardian.com ) Amazon Accused of Retaining Kid's Data The FTC accused Amazon of preventing parents from ... (view more)

Wed
30
Nov
John Lister's picture

One in 500 Passwords Is '123456'

"Password" and "123456" continue to battle it out for the worst password choice according to two annual studies. While this tells us very little about why users continue to use such weak passwords, there's some mixed news elsewhere. Several ... companies chase headlines each year by publishing lists of the worst passwords, meaning the ones that appear most frequently. The data source is usually a collection of stolen website login databases published online. Sometimes these are stored in plain text while sometimes cyber criminals have successfully cracked decryption. The ... (view more)

Mon
31
Oct
John Lister's picture

Thermal Images Could Reveal Passwords

Researchers say a thermal imaging camera could help crack passwords. It's not exactly a looming threat for the average user, though the study does reinforce the important of longer passwords. The research from the University of Glasgow appears to ... have been inspired by noticing that thermal-imaging cameras are becoming more affordable (less than $220 in some cases) and wondering how they could combine with machine learning. The researchers say they same idea may have struck would-be criminals, so it was worth trying to get one step ahead of them. (Source: zdnet.com ) The project followed a ... (view more)

Pages

Subscribe to RSS - passwords