Items tagged with Passwords

Jan Souček, a security researcher from Prague, has uncovered a vulnerability in the security of the iOS Mail application that nefarious types can deploy against users of the app to gain access to their iCloud passwords.    The method published by Souček illustrates how an email can be sent to the hapless victim that uses HTML code that mimics the iCloud login pop-up window upon receipt. Then, after said victim has inadvertently tapped their iCloud password into the window's Password field and clicked OK, an email is sent back to the sender with that critical information. Specifically,... Read more...
Like something out of a sci-fi movie, researchers from Binghamton University just published a study on the use of brain signals to replace traditional means of logging into secure accounts, such passwords, fingerprint reading, and even fancy retina scans. What the researchers found is that your brain responds to certain words in unique ways. The team focused on 45 volunteers who each read a list of 75 acronyms, like FBI and DVD. Researchers looked at the part of the brain that's responsible for reading and recognizing words, and surprisingly enough, there's enough of a difference to the way each... Read more...
At this point, the resetting of a mobile phone to a from-the-factory state is something we have all done, perhaps simply to get a fresh start with a device that has become sluggish and over-burdened with years of downloaded flotsam. But more likely, we do it for the purpose of selling the phone or passing it along to a friend or family member. We rely on such a reset to completely wipe the phone of any trace of our having used it, all settings and sensitive data. The results of a study performed in the UK by University of Cambridge researchers entitled Security Analysis of Android... Read more...
Slack, the fast-growing startup previously known as Tiny Speck, has rolled out an optional two-factor authentication feature in response to a recent hacker attack. The company confirmed there was unauthorized access to its database containing user profile information, and though it was quick to respond and made changes to its security infrastructure to prevent future incidents, Slack "strongly" encourages its users to take advantage of two-factor authentication. Before talking about that, let's look at what happened. According to Slack, the database that was hacked contained... Read more...
Attention all eBay users, go ahead and change your password to the auction site. Like, right now -- we'll wait. Take your time, we'll be here when you get back. Finished? Good! Don't worry, it wasn't an arbitrary exercise -- eBay later today will be sending out emails and posting notices asking you to change your password due to a security breach. Some placeholder pages were spotted online by savvy web users that seemed to suggest a notice was forthcoming. The folks at The Wall Street Journal got in touch with eBay and found out that a cyberattack compromised a database containing encrypted passwords... Read more...
To those of you who are using "password" to secure an account, you can rest slightly easier at night knowing that it longer tops the list of worst passwords. Two-time runner up "123456" has taken the dishonor of being the most common used password found on the Internet, giving the six-character combination the distinction of being the worst combination you can choose to lock down an account. According to security firm SplashData, this is the first time "password" has lost its title as worst of the worst. It didn't fall far, however, sliding down a single spot to No. 2 on SplashData's list of the... Read more...
If you’re responsible about managing passwords for your email and other online accounts, you’re probably juggling a bunch of memorized passwords or using software that stores them for you. The FIDO Alliance wants to make online passwords a thing of the past and have us providing our credentials via pluggable devices, thumbprints, and other easy methods. The Alliance has already reeled in some big names in the security industry who see a need for a widely-used authentication protocol for websites, and now it’s landed a particularly big fish: Microsoft is now on its board of directors.... Read more...
Sony's been the target of more than one high profile hacker attack in the past few years, so it's understandable if the company is a bit on edge. To underscore that point, Sony Europe recently took the "precautionary measure" of resetting passwords for some PlayStation Network users in which irregularly activity was detected. That's fine and dandy, except that Sony didn't tell its members what it did. "So I've been trying for a good hour or so to try and login on my devices (PS3, Vita, phone app), and they're all saying my login is incorrect," a user posted in Sony Europe's support forum. "My initial... Read more...
These days, the old "when, not if" saying applies to websites getting hacked just as much as it does for the likelihood of getting into a car accident. LivingSocial is the latest site to fall victim to an attack, but the Amazon-backed company has clearly learned from the mistakes of others and rushed to get out in front of the issue. Anyone visiting the site right now is greeted with a message that encourages users to change their passwords and links to a page that goes into detail about the attack. Customers have also received emails from LivingSocial. Notice anything different about LivingSocial's... Read more...
Spammers are changing tactics, and Google is trying to get the word out. These days, the bad guys are using hijacked accounts to launch their scams. By now, spam filters can spot old-school spam mail with reliability, but it’s harder to snag emails that appear to be from your friends – both for the filter, and for you. You’re not going to fall for an email that starts with “Most esteemed Sir,” but would you let your guard down for an email from a buddy asking for a little help? Google keeps an eye out for suspicious sign-in attempts. Image credit: Google As Google... Read more...
There are some basic rules to follow when selecting a password. For example, while we're sure your significant other is a fine person, using their name as your password is a terrible idea. Same goes for your son's birthday. The object is to select a series of characters and symbols that's nigh impossible to guess, but it doesn't stop there. Brute force attacks means that if your password is "JumpingTurtleBean," it can be cracked relatively easily. And get this -- the better your grammar, the easier it is to figure out your password, regardless of length! Researchers at Carnegie Mellon University... Read more...
Most of us have dozens of passwords to remember, including for multiple email accounts, Google, Facebook, online banking and credit card accounts, services like Dropbox and Evernote, and on and on, and it’s simply a pain. It can be difficult to create a strong password that you’ll actually remember, and it’s not smart to use the same password for multiple accounts, so you end up with dozens of complex passwords that are as unique as snowflakes. Worse, even with good passwords, you can still be cracked, hacked, or phished. Security measures such as two-factor authentication help,... Read more...
Maybe it's because all the script kiddies are out of school for the summer, or perhaps there's something in the water that's to blame for the recent rash of hacker attacks. Whatever the reason, security breaches are once again starting to pile up. Following on the heels of a hack attack that compromised the passwords of over 450,000 Yahoo Voice users, NVIDIA decided to temporarily shut down its Developer Zone after being the victim of a security breach as well. "We are investigating this matter and working around the clock to ensure that secure operations can be restored," NVIDIA said in a statement... Read more...
Yesterday, there were rumors aplenty that around 6.5 million LinkedIn passwords were stolen and posted on a Russian hacker forum, where the poster presumably was looking for some help decrypting them. LinkedIn, by way of a blog post by CEO Vicente Silveira, has confirmed that at least some of the leaked passwords belong to LinkedIn accounts. Here’s what LinkedIn is doing to solve the issue: So if you find that your LinkedIn account’s password doesn’t work today, there’s a good chance your password is being handled by some Russian hackers and that you should be expecting... Read more...
1 2 Next