Items tagged with Password

Concerned that hacking is on the rise? You've every right to be worried. Following recent reports from The Wall Street Journal and The New York Times surrounding intrusion from outside forces into their news systems and e-mail databases, Twitter has now affirmed a security puncture of its own. The company released a blog post noting that it "detected unusual access patterns that led to us identifying unauthorized access attempts to Twitter user data." In that discovery process, Twitter found one live attack and neutralized it, but some damage was already done. The investigation has thus far indicated... Read more...
If you woke up to find that your Twitter password wasn’t working, you’re not alone. Twitter accidentally reset the passwords for many of its users yesterday. If your account is one of those affected by the mass reset, you should have received an email alerting you to the situation and giving you an opportunity to change your password back to your dog’s birthday.   Twitter CEO Dick Costolo. Twitter was hunting for accounts that have been hijacked for nefarious purposes. It reset the passwords on those accounts – and then some. Twitter accidentally reset plenty... Read more...
Social networking site LinkedIn reportedly faces a $5 million class action lawsuit over a recent security breach that compromised the passwords of millions of members. The suit was filed by Katie Szpyrka in the U.S. District Court in the Northern District of California. Szpyrka says LinkedIn "failed to properly safeguard its users' digitally stored personally identifiable information, including email addresses, passwords, and login credentials," ZDNet reports. As a result, she wants LinkedIn to cough up $5 million in damages, which works out to less than a dollar for each of the 6.46 million passwords... Read more...
Tens of thousands of Twitter accounts have been compromised in a recent hack attack in which more than 55,000 passwords were leaked and posted to Pastebin by anonymous hackers. Most of the accounts supposedly belonged to spammers, and there were many duplicate entries, Twitter officials pointed out, but to play it safe, you should probably change your Twitter password today. "The list of alleged accounts & passwords consists of more than 20,000 duplicates. Also suspended spam accounts & incorrect login credentials," Twitter stated in a tweet. Image Source: Flickr (Rosaura Ochoa) In a follow-up... Read more...
A disturbing stream of reports have been circulating concerning employers demanding the Facebook passwords of potential employees before hiring them. Aside from the fact that such a demand is a gross breach of privacy and frankly opens those employers up to legal liability for all sorts of reasons, it’s just a crappy thing to do. The job market is tough, and plenty of desperate job seekers would do, say, or sign just about anything to land a job, and apparently some employers know that and are taking advantage of their leverage. We know--it’s easy to become indignant upon reading this... Read more...
Mozilla is working on a project that could eliminate the need for passwords and the sign-up/verification processes on websites. Mozilla's BrowserID is an experimental way of logging in to websites. BrowserID uses the verified email protocol and aims to offer a streamlined user experience. After a user proves ownership of an email address, they will be able to use that address with BrowserID to sign in to websites quickly and easily—no passwords or further verification of your email address are necessary. Introducing BrowserID: A better way to sign in Jul 14, 2011 — by millsd Today we’re... Read more...
By any measure, end users are still using passwords that are far too simple. The Gawker Media hack from 2010, in fact, showed "123456" was the most common password in Gawker's database. Well, Microsoft's decided that if folks aren't going to pick strong passwords, at the very least Microsoft can keep them from picking the most egregious, easy passwords to hack. Microsoft's Hotmail service will now prevent new customers from selecting passwords that are too easy to guess, such as "password" or the aforementioned "123456." Those sorts of passwords, besides being easy to guess, are particularly vulnerable... Read more...
Is the Wi-Fi connection that you're on now open, password-free? If it's also a Wi-Fi network within your home, you should probably change that. A recent survey found that 32% of respondents are guilty of mooching off of nearby open Wi-Fi hotspots, up a significant amount from 18% in a 2008 poll. Kelly Davis-Felner, marketing director at the Wi-Fi Alliance, had this to say about the results: "The reality is that many consumers have not taken the steps to protect themselves." Many consumers simply assume that having an open Wi-Fi connection is the neighborly thing to do, and since so many eateries... Read more...
Listen up ladies and gents, if you aren't in the habit of changing up your passwords every once in awhile, consider doing so. Not only is it good practice in general, but as it turns out, your browser does a pretty piss-poor job of covering your tracks. Enter Russian software maker ElcomSoft, which just announced a password recovery tool called Internet Password Breaker that purportedly works with Firefox, Safari, Opera, and Chrome. "ElcomSoft Internet Password Breaker instantly retrieves login and password information stored in a variety of applications, including popular email clients and Web... Read more...
There's one thing Apple is right about with respect to jailbroken iPhones: they are less secure. At least, unless you take some precautions, that is. A Dutch hacker took advantage of that situation, but all he really wanted was some pocket change.On the other hand, we doubt jailbreaking will end life as we know it, as Apple believes.According to a forum post, the hacker broke into jailbroken iPhones on T-mobile Netherlands. Typically, SSH is turned on for jailbroken iPhones, allowing a user to log in via Terminal and run standard UNIX commands. However, if you want to do that, you really need to... Read more...
The next time you are taking money out at the ATM, be wary of anyone lurking nearby with an antenna sticking out of their pants. They might be stealing your PIN wirelessly. A pair of Ph.D. students at the Security and Cryptography Laboratory (LASEC) of Switzerland's Ecole publique Polytechnique Fédérale de Lausanne (EPFL), recently demonstrated a number of techniques for listening in on the electromagnetic emanations coming from wired keyboards and interpreting that information into the actual keystrokes pressed. The two researchers, Martin Vuagnoux and Sylvain Pasini, tested four different versions... Read more...
OpenID is an service which allows users to log on to many different web sites using a single username / password. This eliminates the need to create and remember a strong username / password for each site. The assumption, of course, is you create a strong OpenID.Of course, if that information is lost or stolen, you're in big trouble.  What if there was another level of authentication, however.The new system, CallVerifID, uses your mobile phone to perform an extra security measure before it will authenticate you on its service. It works like this: When you want to authenticate a site using... Read more...
If you thought your own passwords were secure, then you haven’t seen anything yet.   There is an interesting bug in Windows 2000 SP1 and Advanced Server that occasionally produces (and enforces!) the following error:“Your password must be at least 18770 characters and cannot repeat any of your previous 30689 passwords.  Please type a different password. Type a password that meets these requirements in both text boxes.”Luckily there is already a fix in place, but this one is certainly worth a laugh. If you happen to know anyone out there running either of these products, you can give them a heart... Read more...
You break into the blog of a security team -  worthy of crowing to your friends.  But they break your password back - using Google.You shouldn't, in theory, be able to extract the original text from an MD5 hash. That would take millions, or at least thousands, of computers running all the time.But Steven Murdoch began thinking. Who is there out there who has thousands of computers running all the time? Um, everyone. And some might be generating MD5 hashes and putting them on the web...He took the hash - 20f1aeb7819d7858684c898d1e98c1bb - from the database and stuck it into Google. Lo... Read more...
Prev 1 2 3 Next