Passwords News, Articles and Updates

Securus hacked after reports cops used it for tracking location

A hacker swiped 2,800 logins and passwords from Securus, the company that US Senator Ron Wyden recently pilloried for letting law enforcement track phones.

New Mac malware - MaMi - hijacks DNS connections

Malware can steal passwords, take screenshots and access files. Security researchers have discovered new Mac malware that can hijack DNS settings.

Contractor's only IT technician steals 30GB of Australian defence secrets

30GB of data stolen from a small Australian military defence contractor which included technical information on jet fighters, transport aircraft, 'smart bomb kits.' Culprit, the lone IT technician.

Deloitte, a source of cyber-security advice - hacked, emails accessed

Deloitte, one of the largest private US companies and a leading source of cyber-security advice for corporates, has had it email server hacked using legit credentials, client details revealed, attackers on system for months and no 2FA.

MPs and Virgin Media customers both caught in password snafu

It would appear both need a lesson on password-hygiene: government ministers are re-using government credentials for social media accounts, and Virgin Media customers aren't changing their default router password.

Fraud prevention practices and password security poor in the UK

Less than half of UK consumers regularly change their passwords to prevent fraud.

Is neural network password checker answer to poor login credentials?

In the quest to compel users to use stronger passwords, one research team is touting a system built on neural network technology, but is it a case of using a cannonball to crack a walnut?

Should world password day be a thing of the past? Dynamic MFA urged

Dwayne Melancon discusses the future of authentication and why a layered approach to security trumps the flimsy password - both in terms of user experience and security - with dynamic multi-factor authentication preferred.

Intuitive image-based passwords - succeeding text-based passwords

Biometrics should be used with another authentication factor and needs to depend on passwords as a recovery mechanism says Hitoshi Kokumai, thus other alternatives to text passwords are needed - such as images.

User details released for 2.5 million PlayStation and Xbox gamers

User details from a 2015 hack of Playstation and Xbox forums have recently been released providing yet another reminder to ensure you don't re-use passwords.

Guessing passwords of targeted users easier than you think, warn researchers

A new report that demonstrates how hackers can easily crack a targeted user's passwords with a minimal amount of information underscores the dangers of data leaks and poor password management.

Hackers steal 43 million credentials from Weebly

Web design platform notifying customers after being hit eight months ago

Password thefts and account hijacking - why every data dump should be on your mind

The theft of millions of password credentials can lead to automated attacks on other companies' sites. But Stephen Singam asks how can they be prepared to spot this risk?

BT patrons complain - locked out of email for over a week by passwords flaw

BT customers are complaining about chronic authentication issues that are blocking access to email and billing accounts. To expedite things, the help desk is asking for clients' full passwords, according to two customers.

Biometrics or a password?

Tony Anscombe asks, which is more secure, the password or biometrics?

Following social media site breaches, Netflix requires password resets

Following several social media site breaches, Netflix said users whose passwords may have been compromised must change their login credentials.

ICYMI: CEO Sacked; MS Zero-day; Passwords dropped; Ransomware wild, charging hack

The latest In Case You Missed It (ICYMI) looks at CEO whaling victim; Unpatched zero-day; Passwords dropped; Self-propagating ransomware; USB charging hack

65 million hacked Tumblr user details go up for sale on dark web

Tumbler waited three years to tell users about breach

Microsoft ends common password use and password lockout

Microsoft clamps down on easy-passwords in the wake of LinkedIn double breach.

Microsoft seeks to mitigate laziness by banning popular passwords

Old man Redmond looks to prevent "LinkedIn"-style debacle by preventing users from choosing popular passwords.

Millennials more likely to store sensitive data on mobile devices, study

An Equifax study found millennials were more likely to store sensitive data on their personal devices.

Biometrics deployed with a fallback password: statistics on false sense of security

Hitoshi Kokumai provides follow-up statistical data regarding "False sense of security" confirming eroneous perceptions exist regarding identity verification when two factors are used but not not linked.

NCA seeks encryption keys from UK hacking suspect Lauri Love

Alleged cyber-hacker Lauri Love, 31, appeared at Westminster Magistrates' Court on Tuesday in attempts to fight extradition to America for supposed attacks against the US Army, Federal Reserve Bank and the FBI in 2012 and 2013.

The end of password expiry

Changing passwords is no longer advised by CESG and Barry Scott says businesses should be encouraging users to think about how passwords are used and adopt additional security that works in tandem with passwords.

Why passwords alone are not enough

With the rise in phishing and social engineering techniques, even a hard-to-crack password is not enough to combat the risk of compromised user accounts according to Steve Manzuik.

Why passwords will never die

Fundamental issues with the nature of security mean that passwords aren't going anywhere for the foreseeable future says Bill Carey who sees their role remaining as part of multi-factor solutions.

Secure Shell (SSH) the key to the post-password world

The humble password is often seen as obsolete and ineffective. David Howell suggests that Secure Shell (SSH) key technology has several key advantages and can help to deliver the post-password world.

UK shoppers lose workday picking up aftermath of cyber-crime

More than 12 million Brits (20 percent) have been victimised by cyber-criminals this past year.