password

(get it in RSS or Atom)

Ubisoft customers told "change your passwords *now*"

Ubisoft customers told change your passwords *now*

Ubisoft is urging customers to change their passwords following a breach that exposed user names, email addresses and encrypted passwords.

Anatomy of a cryptoglitch - Apple's iOS hotspot passphrases crackable in 50 seconds

ios-wifi-250

If you use your iPhone or iPad as a Wi-Fi hotspot, don't let it generate the passphrase for you.

A posse of German computer scientists has found that Apple's iOS passphrase generator may give you less than a minute of security.

Biostamps - freedom from password tyranny, or Hollywood science?

Biostamps - freedom from password tyranny, or Hollywood science?

Last week Motorola execs showed off experimental biostamps - digital "tattoos" capable of authenticating you to your phone. Could this be the ultimate solution to the problem of authentication and passwords, or is it just a sci-fi pipe dream?

What WERE they thinking? Internet-enabled cameras under the security lens once again...

Vulnerability researchers at Core Security recently turned their attention on internet-enabled cameras, finding lots of holes.

And when security holes arise from features, not bugs, you really do feel like shouting aloud, "What WERE they thinking?"

50,000,000 usernames and passwords lost as LivingSocial "special offers" site hacked

LivingSocial, the online offers site owned in largish part by Amazon, has just emailed its userbase, said to be 50,000,000-strong, to fess up to a data breach.

Another day, another shed-load of password hashes in the hands of crooks....

Beware Twitter "password check" sites - there are fakes, and there are fake fakes!

fakefake-250

After a widely publicised hack or data breach, you'll often find "password check" sites springing up.

Some of them are legitimate, but other password check sites are as bogus as they sound on the surface...

55% of net users use the same password for most, if not all, websites. When will they learn?

55% of net users use the same password for most, if not all, websites

A study by Ofcom, the UK communications watchdog, has unearthed some appalling statistics which reveal just how badly the general public treat password security.

You won't believe how crazy this password infomercial is (and neither did Ellen DeGeneres) [VIDEO]

Password security infomerical leaves Ellen DeGeneres in disbelief.. and it will you too [VIDEO]

When there's nothing funny on American TV, you can always rely upon an infomerical selling some crazy product to have you chuckling or simply agog in disbelief that anyone would ever buy such a thing.

Watch this video, you won't believe your eyes.

WordPress blogs and more under global attack - check your passwords now!

If you have a web service that supports remote users, you will know that malevolent login attempts are an everyday occurrence.

But hosting providers worldwide are reporting an onslaught at well above average levels...

When is a password not a password? When Excel sees "VelvetSweatshop" [VIDEO]

When is a password not a password? When Excel sees VelvetSweatshop

Malware researcher Paul Baccas reveals how an Excel spreadsheet using the password "VelvetSweatshop" could be designed to put your computer at risk.

Anatomy of an exploit - Linksys router remote password change hole

li-placard-250

A security researcher from California has published a how-to guide detailing a number of exploits against various Linksys routers.

Paul Ducklin looks at the ominous sounding "EA2700 Password Change Insufficient Authentication and CSRF Vulnerability"...

Movie site Vudu resets passwords after burglar nabs hard drives

Video site Vudu resets passwords after burglar nabs hard drives

Burglars broke into offices at video service Vudu late last month and stole hard drives containing customers' personal data, the company told customers in an email sent on Tuesday.

WordPress.com boosts security for bloggers with two-factor authentication

With WordPress.com powering more than 60 million websites worldwide, anything to improve the safety and security of its users is to be welcomed.

Paul Ducklin tries out the new WordPress 2FA service on his Naked Security account...

Scribd, "world's largest online library," admits to network intrusion, password breach

scribd-250

San Francisco-based document sharing site Scribd has admitted to a network intrusion.

Details are scant, but fortunately a notification published by the company suggests that no more than 1% of users are at risk...

"Rude password - login denied": the AT&T April Fool that wasn't

rude-password-250

Why, and more importantly, *how*, would you go about weeding out rude passwords?

Surely an April Fool?

Paul Ducklin takes a look...

Apple introduces two-factor verification for Apple IDs

apple-id-icons-250

After celebrity Web 2.0 journalist Mat Honan had all his iDevices remote-wiped by a cybercrook last year, Apple's login security has been under scrutiny.

Good news! Apple has finally bitten the bullet and started offering two-factor verification for Apple ID users...

Colin Powell's Facebook account has been hacked

Colin Powell's Facebook account is hacked

Former US Secretary of State Colin Powell is the latest public figure to have fallen victim to hackers, with a series of out-of-character messages posted to his Facebook page.

Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]

Can multiple moving cursors really hide your password from spyware and peepers? [VIDEO]

Japanese boffins think they might have found an imaginative way to stop malware stealing your passwords as you enter them online.

But will it really work?

Evernote shoots itself in foot over "never click on 'reset password' requests" advice

Evernote shoots itself in foot over "never click on 'reset password' requests" advice

Have you taken a close look at the email that Evernote has sent out, with the subject line "Evernote Security Notice: Service-wide Password Reset"?

It looks like the hacked company has made a blunder.