A Google researcher has uncovered a severe security flaw in a password management tool that has been widely bundled with Windows 10.
Raz Rafaeli suggests perhaps it's time to rethink authentication altogether, and eliminate password-based "something you know," the Achilles' heel of authentication. That leaves "something you have" and "something you are."
Amid fears that even encrypted data has been compromised by a breach of OneLogin, the company is advising customers to take extensive remediation steps.
Google researcher Tavis Ormandy finds more flaws in the LastPass password manager, one affecting the Google Chrome extension and another affecting version 3.3.2 of its Firefox add-on.
Two security vulnerabilities have been found and fixed in password manager LastPass. One by prolific security-vulnerability finder Tavis Ormandy, and the other by Mathias Karlsson of Detectify Labs.
With the news of over 100 million user login credentials being stolen from online professional networking website LinkedIn, the industry offers it's viewpoints on passwords, the GDPR and LinkedIn's choice of encryption.
Trend Micro patched several critical flaws in Password Manager found by a Google Project Zero research that allowed hackers to execute malicious code.
The news that the KeePass program can be hacked, allowing an attacker to stealthily decrypt login credentials, raises concerns for all password vaults.