Which webmail service has the smartest users? And are they getting smarter over time?
Paul Ducklin tries to use the password data from the Forbes hack to find the answers...
The SEA made off with more than a million records from the Forbes user database - perhaps including yours! - and published them online.
We already "cracked" a quarter of the Forbes staffers' accounts... Paul Ducklin looks at how well everyone else's password might hold up.
Did you really think XP would go patch-free? Is Flappy Bird really dead? Did you really use the same password on more than one site?
60 Sec Security - 15 Feb 2014
Where do you find Extreme Spammers? Can you find the exploit unicorn? And how did Target get breached?
Find out in 60 Sec Security for 08 Feb 2014...
This week's Chet Chat starts out with credit card breaches, covers the issue of whether you really need good passwords everywhere, and ends with an upbeat and encouraging conclusion...
Listen and learn more!
Leaky logic leaves logins loose in logfiles; mendacious mails menace Macs with Mavericks malware, and criminal contractor compromises Korean credit company!
60 Sec Security - 25 Jan 2014...
It's that time of year again. A new "Worst Password" list has been published for the password-savvy population's enjoyment. As much as we like to chuckle/groan at this list, is there ever a justification for a bad password?
OpenSSL, the widely-used open source cryptographic library, had its website defaced.
Early stories may have told you that it was a "hypervisor hack," which sounds like serious trouble, but it wasn't...
Microsoft joins Google, PayPal, Lenovo and other tech giants as a member of the FIDO (Fast IDentity Online) Alliance, a non-profit group working to design better and more standardised methods of checking identity across the internet.
Why shouldn't you store unencrypted credit card numbers? How can you squeeze a positive result from a password breach? What sort of pressure was on the cryptanalysts at Bletchley Park?
Find out the answers in just one minute!
Blessed be Facebook for using this real-world example to 100% back up Naked Security when we proselytize about the evils of password reuse. And if you're worried that Facebook's mining of breached Adobe customer records and quarantining of users is Big Brother-ish, fear not: the company didn't have to store passwords in clear text or pull any other boneheaded security move to know just what its customers' reused passwords are.
A touch of fun but with a serious side - and only a minute to watch it.
Give our weekly "60 Second Security" video a whirl today...
Cloud-based database services company MongoHQ is in "we'd better fix things" mode this week, following a network intrusion that proves the old adage that once you've been breached, all security bets are off.
Google has once again found itself all over the IT news for a spot of bother with its security software.
A recent Google Authenticator update accidentally removed all your accounts...
Riot Games has confirmed that real names, usernames, email addresses and salted password hashes have been stolen in a recent security breach of its League of Legends real-time strategy game.