Password Security

ICANN hacked

By
Passwords aren't going anywhere any time soon

Passwords aren't going anywhere any time soon

Take human memory out of the equation and passwords remain a viable access option says Emmanuel Schalit.

ICYMI: Sony passwords, government malware and the return of Poodle

ICYMI: Sony passwords, government malware and the return of Poodle

By

This week's In Case You Missed It looks at the five most popular articles on SC, including weak passwords exposed in the Sony Pictures breach and the return of the Poodle flaw.

Weak passwords revealed by Sony Pictures hackers

Weak passwords revealed by Sony Pictures hackers

Experts emphasise the need for user education as Sony hackers reveal employee passwords such as "password" and "s0ny123"

Change passwords? People can't be bothered, survey shows

Change passwords? People can't be bothered, survey shows

By

Two thirds of users still using the same password across multiple accounts says survey.

MasterCard, Visa pin hopes on new security standard for online payments

MasterCard, Visa pin hopes on new security standard for online payments

By

MasterCard and Visa have teamed to develop a new security standard, 3DS 2.0, which aims to kill off the password for online transactions.

How the threat landscape challenges authentication - old and new

How the threat landscape challenges authentication - old and new

The growing cyber-threat landscape poses some awkward questions for present and future authentication methods, argues Barry Scott.

Password recovery made too easy

Password recovery made too easy

By

A senior malware analyst has slammed the availability of a `password recovery' utility from Freehostia, noting that the software actually uses network admin utilities to take credentials from the users' PC.

Average Briton has 19 passwords

Average Briton has 19 passwords

By

A new study from Cyber Streetwise reveals that Britons are using more passwords than a year ago, but warns that most of these are not complex and thus easier to crack.

Identity is the foundation of trust: why passwords can no longer be relied upon

Identity is the foundation of trust: why passwords can no longer be relied upon

Passwords have numerous failings, including their ability to be shared or stolen, meaning that they are not a secure way to authenticate identity, and other options must now be adopted says Dana Epp

The (grim) reality of password security

The (grim) reality of password security

There are security vulnerabilities when using passwords, but Tyler Moffitt says that there are steps that you can and should take to make sure your data less easy to access.

Industry divided as Met Police recommends smartphone PINs

Industry divided as Met Police recommends smartphone PINs

By

After two years of quietly lobbying mobile phone manufacturers such as Apple and Samsung, the Metropolitan Police have gone public with its request for all mobile phone vendors to implement PIN protection as a default setting on a handset.

50% of corporate passwords crackable within a few minutes

50% of corporate passwords crackable within a few minutes

By

Security admins need to be more creative when it comes to developing security systems, says Adrian Davis of ISC(2).

Security vulnerabilities found on password managers

Security vulnerabilities found on password managers

By

The wide spectrum of discovered vulnerabilities makes a single solution unlikely - UC Berkley report

Poor admin passwords allow global botnet attack

Poor admin passwords allow global botnet attack

By

BrutPos or @-Brt attacks have infiltrated POS systems with botnets largely thanks to weak admin passwords.

Light bulb illuminates WiFi weakness: IOT security needs to improve

Light bulb illuminates WiFi weakness: IOT security needs to improve

By

Smart light bulb hacked to reveal WiFi password, research project highlights need for development of Internet of Things security.

Domino's won't pay ransom on 600,000 record hack

Domino's won't pay ransom on 600,000 record hack

By

Details of 600,000 French and Belgian customers to be released tonight if ransom not paid today say hackers.

eBay reputation tarnished by breach response

eBay reputation tarnished by breach response

By

eBay has been criticised for a lack of concise communication and poor security advice just 24 hours after the ecommerce giant disclosed that it had suffered a massive data breach.

eBay reacts to breach

eBay reacts to breach

By

Users told to change passwords following database hack at eBay

Thousands affected as phishers steal Google passwords

Thousands affected as phishers steal Google passwords

By

Hackers are stealing Google account passwords by using "enhanced" phishing attacks, according to security researchers.

Confusion reigns after Bitly data breach

Confusion reigns after Bitly data breach

By

URL link shortening service Bitly has asked its users to change passwords and their API key and OAuth token after revealing that some user accounts have been compromised. But precise details on the attack have not been made public.

If you want my data, reward me

If you want my data, reward me

We currently provide our personal details free to data-gathering giants like Facebook and Google, but that won't always be the case, writes Daniel de Bruin.

iOS 7.1 flaw lets hacker access contacts book

iOS 7.1 flaw lets hacker access contacts book

By

A security researcher was able to access an iPhone's contact book via Siri, even though the screen was locked and password-protected.

Winning strategies in cyber warfare

Winning strategies in cyber warfare

The adversary has enormous capabilities in the cyber world, but it too is not without its vulnerabilities, and these must be exploited says Calum MacLeod.

Insider data thieves get away "scot free"

Insider data thieves get away "scot free"

By

Controls on access to data by both staff and ex-staff are lax, and even when caught, insiders stealing data get away 'scot-free' says new survey.

Getting to the heart of the problem

Getting to the heart of the problem

As the Heartbleed bug demonstrates, passwords - especially the way they are commonly used across sites - are inherently vulnerable suggests Chris Russell

Sign up to our newsletters