passwords

(get it in RSS or Atom)

FBI investigates Cardinals for breaking into Astros' database in baseball data theft

FBI investigates Cardinals for breaking into Astros' database in baseball data theft

The FBI is investigating one of the best baseball teams in the US after it allegedly broke into a database belonging to one of the worst.

SSCC 202 - They hacked the US Army? Are you SURE? [PODCAST]

Join Sophos security experts Chester Wisniewski and Paul Ducklin for this week's security podcast.

Apple, Microsoft, patching, hacking the army (sort of), and 49 arrests in a Europol action against bank fraudsters!

Steel bin maker Brabantia breached, trashes passwords just to be safe

Steel bin maker Brabantia breached, trashes passwords just to be safe

It's not clear what data the intruders might have grabbed, but Brabantia said that it wasn't financial. Nor were passwords accessed.

Yup, we really are terrible at those password recovery questions

Doh!

When we forget our passwords we’re often faced with recovery questions like "What's your favourite food?” They’re a backdoor into our accounts so they’re supposed to be both secure and memorable. They’re not.

How your next password could be your brain

brain-padlock-1200

Researchers found that brains react to acronyms in a way that's unique to each individual.

Ready to slap some electrodes on your head?

Apple Watch lets nimble-fingered crooks use your Apple Pay

apple-watch-girl-1200

Nimble-fingered crooks can exploit the one-second lag before Watch senses it's off a wrist and asks for a passcode.

Samsung biometric payment services set to go live in South Korea, then the world

Mobile payments security

The biometric revolution moved one step closer this week, as Samsung IT services subsidiary Samsung SDS confirmed plans to launch a "simple" mobile payment system using biometric authentication in the very near future.

Teen charged after using teacher's admin password to access school computer

Florida teen charged with felony after shoulder-surfing teacher's password

He's been charged with trespassing on his school's computer system after snooping away an administrative password and swapping a teacher's desktop wallpaper with an image of two men kissing.

Baby cam plays creepy music, moves of its own accord

Man in a hoody

Yes, the wireless cam was possessed - by the spirit of whoever hijacked the Foscam IP device to spy on a Minnesota couple's baby.

Slack gets hacked - rolls out two-factor authentication after user database breach

Slack is the latest start-up to make a big media splash in one of the worst possible ways - by acknowledging a data breach that exposed its users to malicious hackers.

Stolen Uber login credentials for sale on the dark web

Uber. Image courtesy of MAHATHIR MOHD YASIN/Shutterstock.

At least two sellers on the dark net appear to be selling Uber customer logins for as little as $1, with one offering a discount for bulk purchases.

Yahoo slices your password out of login process, shows off end-to-end encryption

Yahoo

The result of snipping out passwords: one-factor authentication. Just make sure not to lose that phone!

Bank tests heartbeat-encoded wristbands for online authentication

UK bank tests heartbeat-encoded wristbands for online authentication

Halifax is trialing the use of a wristband to store our ECGs, given that our hearts are random number generators unique to every individual.

Why you can't trust password strength meters

Password strength meters

Website owners can employ a range of measures to help users choose better, stronger passwords and one of the most popular techniques is to include a password strength meter. The meters are designed to help users understand if their password choices will resist attempts to crack them. The trouble is, they don't.

LinkedIn settles class action suit over 2012 unsalted password leak

LinkedIn settles class action suit over 2012 unsalted password leak

LinkedIn is privately settling the 2012 unsalted password leak. Were you one of the 800,000 affected users? Here's what you need to know.

Hackers force closure of Canadian Bitcoin exchange Cavirtex

Broken Bitcoin. Image courtesy of Shutterstock.

Canada's largest Bitcoin exchange - Cavirtex - has announced its closure, saying the latest in a string of hacking attacks may have left hashed passwords and 2FA "secrets" compromised.

Twitter's new tool should stop password sharing and help fend off hijackings

Twitter. Image courtesy of Shutterstock / Twin Design.

The new tool, TweetDeck Teams, lets users share Twitter accounts without having to share passwords.

RBS and NatWest banks to use Apple's Touch ID fingerprint system for mobile login

Touch ID. Image courtesy of Shutterstock.

The Royal Bank of Scotland and NatWest have launched a new mobile banking service that allows Apple customers to authenticate via Apple's Touch ID.

Windows 10 will work with FIDO specs for password-free access, says Microsoft

Windows 10 logo

Microsoft has announced that its forthcoming revamp of Windows will be compliant with FIDO's current specifications for advanced authentication. Or has it?