passwords

Infopackets Reader Marjie H. writes: " Dear Dennis, I just received an email offer from Norton Security asking if I would like to enroll in the Norton Identity Protection. In order to do so, the form says I need to provide my social insurance ... number. The protection being offered is free, so long as I renew my Norton Antivirus subscription. From what I understand, this service includes protection against personal credit, credit cards, bank, social insurance number (SSI), etc. My question is - with all this information they are asking for, what is the possibility they could be hacked and all my ... (view more)

A security company has released its list of the worst passwords of 2017. As always with this annual survey, it tells us more about culture than security practices. The list comes from SplashData, which compiles the rankings based on how many times ... particular passwords appears in leaked lists of user databases (mainly among English language users). The survey this year totaled more than five million passwords, though it's worth noting the company deliberately excluded leaks of passwords from adult sites. (Source: cnet.com ) The most common are hardly any surprise with "123456" beating out " ... (view more)

More than 700 million email addresses and passwords have been leaked online. While many are bogus, enough appear to be genuine that security experts have advised users to change their email passwords. The collection of account details does not ... appear to have been used for identity theft or other fraud. Instead, the collection has been marketed as a way to send spam messages. The idea is that spammers can login to the compromised accounts in order to send their unsolicited emails. This effectively flies under the spam radar, as most spam comes from IP addresses without any reputation. In this ... (view more)

The man behind some of the most commonly held advice on creating passwords says he was wrong on several points. Bill Burr says the real problem with his tips were that they led to predictable behavior. Burr's advice came in a short 2003 document ... produced by the National Institute of Standards and Technology. Because of the institute's prestige, the advice was widely adopted and cited, with both employers and sites often insisting that passwords meet the guidelines. (Source: wsj.com ) Mix of Characters Hard to Remember One part of the advice was to use a mix of capital letters, lower ... (view more)

Infopackets Reader Sean S. writes: " Dear Dennis, I own three Windows 10 PC's at home - my own PC, my wife's laptop and my son's laptop. Each laptop is set up to access my main PC using network shared folders (I have the same user names and ... passwords also set up on my main machine to create a password protected share). Recently my wife tried to access a shared folder on my PC but now receives an error 'the password of this user has expired'. The same day I also received an error message on my Windows 10 login screen that 'the password for this account has expired' and I need to reset it. Is ... (view more)

An unfortunate error has led to a massive leak of confidential data online. It's led to calls from users to review their passwords and change the most sensitive ones. The leak involves Cloudflare, which ironically is a security company. It offers a ... service by which it acts a little like a gatekeeper for websites, passing on valid requests for data and blocking those designed to cause disruption. In particular, it combats denial of service attacks (DoS) that aim to bring a website down by sheer weight of incoming traffic - usually bogus traffic. As part of Cloudflare's operations, it ... (view more)

Lately we've been posting a lot of articles about websites and services that have been hacked . One of the primary recommendations we have also repeated is that users should use unique and hard-to-guess passwords for each site, as this will help to ... prevent any further breaches. The reasoning is that if user account data is stolen on one site ( Yahoo is a good example ), the same username and passwords may also be valid on other sites - but only if users are using the same account names, passwords or password hints. Unfortunately this is often the case, because using the same passwords on ... (view more)

A 2012 hacking incident has turned out to be far worse than initially believed. It turns out that the theft of more than 60 million account details also included passwords. Online storage company Dropbox admitted to the breach at the time, but only ... said a list of email addresses of customers had been stolen. It either didn't know or didn't say that passwords were also compromised. The incident was particularly embarrassing at the time, as the hack proved simple thanks to a Dropbox employee's poor lack of judgement. The employee's LinkedIn password had been stolen as part of a ... (view more)

Users of the Opera browser's sync tools have been warned to change their passwords for every website. The organization behind Opera says the warning is with "an abundance of caution." The warning only covers people who use Opera's system for ... synchronizing bookmarks, passwords and other information so that they can access the feature on any computer. This covers around 1.7 million people among the 350 million who use the browser. Writing on a company blog, Opera's Tarquin Wilton-Jones said an attack on the system had been detected and, although quickly blocked, was ... (view more)

Users of remote access tool GoToMyPC will need to reset their passwords as a security measure after an attack by hackers. Although creators Citrix describe it as a "very sophisticated" attack, it's simply another case of hackers targeting people who ... continue to re-use passwords on multiple sites. GoToMyPC is a tool that lets users remotely access their PC or Mac using another computer or mobile device. As with most such tools, the computer being remotely accessed must be switched on and connected to the Internet. The actual system that powers GoToMyPC, and its database of login ... (view more)