passwords

(get it in RSS or Atom)

Teen charged after using teacher's admin password to access school computer

Florida teen charged with felony after shoulder-surfing teacher's password

He's been charged with trespassing on his school's computer system after snooping away an administrative password and swapping a teacher's desktop wallpaper with an image of two men kissing.

Baby cam plays creepy music, moves of its own accord

Man in a hoody

Yes, the wireless cam was possessed - by the spirit of whoever hijacked the Foscam IP device to spy on a Minnesota couple's baby.

Slack gets hacked - rolls out two-factor authentication after user database breach

Slack is the latest start-up to make a big media splash in one of the worst possible ways - by acknowledging a data breach that exposed its users to malicious hackers.

Stolen Uber login credentials for sale on the dark web

Uber. Image courtesy of MAHATHIR MOHD YASIN/Shutterstock.

At least two sellers on the dark net appear to be selling Uber customer logins for as little as $1, with one offering a discount for bulk purchases.

Yahoo slices your password out of login process, shows off end-to-end encryption

Yahoo

The result of snipping out passwords: one-factor authentication. Just make sure not to lose that phone!

Bank tests heartbeat-encoded wristbands for online authentication

UK bank tests heartbeat-encoded wristbands for online authentication

Halifax is trialing the use of a wristband to store our ECGs, given that our hearts are random number generators unique to every individual.

Why you can't trust password strength meters

Password strength meters

Website owners can employ a range of measures to help users choose better, stronger passwords and one of the most popular techniques is to include a password strength meter. The meters are designed to help users understand if their password choices will resist attempts to crack them. The trouble is, they don't.

LinkedIn settles class action suit over 2012 unsalted password leak

LinkedIn settles class action suit over 2012 unsalted password leak

LinkedIn is privately settling the 2012 unsalted password leak. Were you one of the 800,000 affected users? Here's what you need to know.

Hackers force closure of Canadian Bitcoin exchange Cavirtex

Broken Bitcoin. Image courtesy of Shutterstock.

Canada's largest Bitcoin exchange - Cavirtex - has announced its closure, saying the latest in a string of hacking attacks may have left hashed passwords and 2FA "secrets" compromised.

Twitter's new tool should stop password sharing and help fend off hijackings

Twitter. Image courtesy of Shutterstock / Twin Design.

The new tool, TweetDeck Teams, lets users share Twitter accounts without having to share passwords.

RBS and NatWest banks to use Apple's Touch ID fingerprint system for mobile login

Touch ID. Image courtesy of Shutterstock.

The Royal Bank of Scotland and NatWest have launched a new mobile banking service that allows Apple customers to authenticate via Apple's Touch ID.

Windows 10 will work with FIDO specs for password-free access, says Microsoft

Windows 10 logo

Microsoft has announced that its forthcoming revamp of Windows will be compliant with FIDO's current specifications for advanced authentication. Or has it?

SSCC 178 - Are we there yet? [PODCAST]

Here's the latest episode of our weekly security podcast.

Enjoy...and "Happy Holidays," whether you're away on vacation yourself, or a sysadmin enjoying the time when everyone else is on vacation!

Stratfor hacker Jeremy Hammond used his cat's name as a password

Convicted Stratfor cyber-attacker admits to egregious, cat-related password choice

Convicted Stratfor attacker, Jeremy Hammond, has revealed how he thinks the Feds managed to get together the evidence they needed to send him to prison. How? It's all down to his pet-related password.

Is your webcam or baby monitor video feed being streamed to this website?

Privacy-ignoring site streams from unsecured cameras in nurseries and bedrooms

A website is searching for and publishing streams from internet-enabled cameras secured only with default passwords. Make sure you're not one of them.

Facebook prowls the internet looking for your password

Facebook prowls the internet looking for your password

Facebook explains that it's keeping its eye out for credentials - email, password combinations - dropped on sites after data breaches, running them against its own users' credentials to see if password reuse is going to land its users in trouble.

Reminder: iCloud's going to demand app-specific passwords from third-party apps

icloud-app-2sv-250

Yes, your third-party calendar, mail and contacts apps that don't support Apple's new two-factor authentication system are going to turn 10 toes up on your iThings. You'll need app-specific passwords to get at the cloud data.

SSCC 165 - "U2 or not U2," that is the question [PODCAST]

It's Chet Chat time!

Here's this week's episode of our news-you-can-use security podcast...

How dare you use my camera! 60 Sec Security [VIDEO]

Here's this week's 60 Second Security.

A week of news distilled into a swift minute of amusing but informative video...