Items tagged with Passwords

Using passwords as a form of security may not be long for this world, not if Google gets its way. The Mountain View outfit's ATAP (Advanced Technology and Projects) division is hard at work on Project Abacus, a scheme that relies on biometric data to determine a person's identity rather than relying on traditional password input. Core to Project Abacus is a "Trust Score" that takes into account a variety of factors. One of the biggest ones is your physical location, though it's far from the only way Project Abacus calculates the likelihood that you are who you claim to be. It also analyzes things... Read more...
Internet and computer security is a very complex field that continues to challenge even the experts as new compromises and hacks are developed, discovered and exploited. However, password security, you would think is a pretty simple, straight-forward topic. Drop in a string of characters that are hard to guess and crooks and hackers looking to crack or brute-force simpler strings or common words will have a much more difficult time breaking in. For some though, the cognitive challenge of remembering a strong password is too much and as a result, they resort to passwords they can remember, rather... Read more...
Password security is one of those things you either have or you don't. If you're password is a combination of alphanumeric characters and symbols with varying punctuation, congratulations, you're in much better shape than the guy who uses "12345," the same as found on his luggage. That said, traditional password input is becoming an antiquated way of locking down accounts, which is why Google is playing around with smartphone notifications. This is something Yahoo is already doing with its Account Key service. Similar to that, Google is inviting some users to try out its new password-free option.... Read more...
Some Amazon shoppers report having received an email from the online retailer to let them know that their passwords have been reset. Usually that's cause for concern, such as a security breach -- something that's become all too common as of late -- but in this case Amazon says it's simply being cautious. If that's the case, why make a password change mandatory and limit the change to only a certain number of online shoppers? According to Amazon, certain devices (we assume mobile) store passwords in such a way that they're at risk of being hijacked.The email states that Amazon "recently discovered... Read more...
Jan Souček, a security researcher from Prague, has uncovered a vulnerability in the security of the iOS Mail application that nefarious types can deploy against users of the app to gain access to their iCloud passwords.    The method published by Souček illustrates how an email can be sent to the hapless victim that uses HTML code that mimics the iCloud login pop-up window upon receipt. Then, after said victim has inadvertently tapped their iCloud password into the window's Password field and clicked OK, an email is sent back to the sender with that critical information. Specifically,... Read more...
Like something out of a sci-fi movie, researchers from Binghamton University just published a study on the use of brain signals to replace traditional means of logging into secure accounts, such passwords, fingerprint reading, and even fancy retina scans. What the researchers found is that your brain responds to certain words in unique ways. The team focused on 45 volunteers who each read a list of 75 acronyms, like FBI and DVD. Researchers looked at the part of the brain that's responsible for reading and recognizing words, and surprisingly enough, there's enough of a difference to the way each... Read more...
At this point, the resetting of a mobile phone to a from-the-factory state is something we have all done, perhaps simply to get a fresh start with a device that has become sluggish and over-burdened with years of downloaded flotsam. But more likely, we do it for the purpose of selling the phone or passing it along to a friend or family member. We rely on such a reset to completely wipe the phone of any trace of our having used it, all settings and sensitive data. The results of a study performed in the UK by University of Cambridge researchers entitled Security Analysis of Android... Read more...
Slack, the fast-growing startup previously known as Tiny Speck, has rolled out an optional two-factor authentication feature in response to a recent hacker attack. The company confirmed there was unauthorized access to its database containing user profile information, and though it was quick to respond and made changes to its security infrastructure to prevent future incidents, Slack "strongly" encourages its users to take advantage of two-factor authentication. Before talking about that, let's look at what happened. According to Slack, the database that was hacked contained... Read more...
Attention all eBay users, go ahead and change your password to the auction site. Like, right now -- we'll wait. Take your time, we'll be here when you get back. Finished? Good! Don't worry, it wasn't an arbitrary exercise -- eBay later today will be sending out emails and posting notices asking you to change your password due to a security breach. Some placeholder pages were spotted online by savvy web users that seemed to suggest a notice was forthcoming. The folks at The Wall Street Journal got in touch with eBay and found out that a cyberattack compromised a database containing encrypted passwords... Read more...
To those of you who are using "password" to secure an account, you can rest slightly easier at night knowing that it longer tops the list of worst passwords. Two-time runner up "123456" has taken the dishonor of being the most common used password found on the Internet, giving the six-character combination the distinction of being the worst combination you can choose to lock down an account. According to security firm SplashData, this is the first time "password" has lost its title as worst of the worst. It didn't fall far, however, sliding down a single spot to No. 2 on SplashData's list of the... Read more...
If you’re responsible about managing passwords for your email and other online accounts, you’re probably juggling a bunch of memorized passwords or using software that stores them for you. The FIDO Alliance wants to make online passwords a thing of the past and have us providing our credentials via pluggable devices, thumbprints, and other easy methods. The Alliance has already reeled in some big names in the security industry who see a need for a widely-used authentication protocol for websites, and now it’s landed a particularly big fish: Microsoft is now on its board of directors.... Read more...
Sony's been the target of more than one high profile hacker attack in the past few years, so it's understandable if the company is a bit on edge. To underscore that point, Sony Europe recently took the "precautionary measure" of resetting passwords for some PlayStation Network users in which irregularly activity was detected. That's fine and dandy, except that Sony didn't tell its members what it did. "So I've been trying for a good hour or so to try and login on my devices (PS3, Vita, phone app), and they're all saying my login is incorrect," a user posted in Sony Europe's support forum. "My initial... Read more...
These days, the old "when, not if" saying applies to websites getting hacked just as much as it does for the likelihood of getting into a car accident. LivingSocial is the latest site to fall victim to an attack, but the Amazon-backed company has clearly learned from the mistakes of others and rushed to get out in front of the issue. Anyone visiting the site right now is greeted with a message that encourages users to change their passwords and links to a page that goes into detail about the attack. Customers have also received emails from LivingSocial. Notice anything different about LivingSocial's... Read more...
Spammers are changing tactics, and Google is trying to get the word out. These days, the bad guys are using hijacked accounts to launch their scams. By now, spam filters can spot old-school spam mail with reliability, but it’s harder to snag emails that appear to be from your friends – both for the filter, and for you. You’re not going to fall for an email that starts with “Most esteemed Sir,” but would you let your guard down for an email from a buddy asking for a little help? Google keeps an eye out for suspicious sign-in attempts. Image credit: Google As Google... Read more...
1 2 Next