Mac: It's been a few years since we've seen AgileBits release a major update to its killer password management app, 1Password, which is why everyone's so excited about last week's debut of 1Password 7. This app should pretty much be a household name at this point, as it's one of the major password managers we recommend to create and store super-secure passwords and passphrases.
Tagged With passwords
Netgear has warned customers that they have seen "suspicious activity" on user accounts associated with their Arlo security cameras. The company is very clear in saying they don't believe their systems have been breached. Rather, investigations suggest attackers may be using credentials obtained from other breaches and using those to attempt to gain unauthorised access to Arlo accounts. This is an object lesson in why you should use a unique password for every account and, preferably, use two-factor authentication on everything.
This week, password manager Dashlane analysed ten years' worth of passwords from public data breaches. The big lesson is, don't reuse passwords. Not even a little, not even with a "formula". Password formulas are easy to hack. And even your bullshit accounts deserve strong, unique passwords.
Every time we write about passwords on Lifehacker, a few readers share their secret formula for creating passwords. According to Ryan Merchant, senior manager at the password manager Dashlane, those formulas are easy to hack.
Cisco has released a bunch of security advisories with three of them rated at the company's highest level of criticality. Those three vulnerabilities, relating to Cisco Digital Network Architecture (DNA) Center, include a backdoor account and two static username and password combinations that could allow someone to bypass the authentication system for Cisco Digital Network Architecture (DNA) Center.
Last week, Twitter revealed that it had accidentally stored some user passwords in plain text, and thus suggested that all users change their Twitter password. It was bad. But honestly not that bad, according to Tristan Bolton, founder of enterprise cloud provider BoltonSmith. We talked to him about how it might have happened, and how it could have been worse.
If you're anything like the average web user, you probably have a staggering number of online logins, each with their own unique passwords to boot. And, while it's beneficial to change up your credentials, keeping track of your passwords from site to site can get hairy when there are dozens to remember.
There really is a day for everything and today we celebrate the humble password. This annual event, which seems to have slipped past the notice of the trendy people on the social pages of your local newspaper, takes place on the first Thursday in May each year. And it must be special because it even has its own website. But, seriously, passwords remain important so it's worth giving them some extra thought and, perhaps, planning for their demise.
Having to remember dozens, or even hundreds of passwords could become a thing of the past. The W3C has published a new API, that is at the Release Candidate stage, that will let web browsers use biometric information stored in smartphones. Chrome, Edge and Firefox will be supporting Webauthn, with Chrome and Firefox announcing support will be part of the releases made in May this year.
No one likes getting hacked, and it's generally true that the quicker you can spot something has gone awry, the better your chances of minimising the damage. These are the main warning signs to look out for, what they might mean, and some quick pointers about what you should do next.
How do you create a strong password? Easy: You mash your keyboard for a few seconds until you have a 50-character hunk of gibberish, then you copy and paste that into a password manager so you don't have to actually remember what it is.
Passwords are your way into almost all of your online accounts, from social networks to email platforms, but how do you know whether the ones you're using are strong enough to stand up to repeated hacking attempts? If you want to know how to do a self-audit on password security, and the best combinations to use to keep your data safe, we've asked the experts to explain.
If you've been using Google Chrome to store all of your logins and passwords, that's great - a lot better than scribbling your passwords on sticky notes and attaching them to your desktop monitor or laptop. Third-party password managers are even better (cross-platform, in many cases), and a new Chrome setting now makes it easy to move all of of your browser-saved passwords to a new app.
Anyone aware of the poor track record companies such as Equifax or Kickstarter have when dealing with sensitive information is probably curious as to the strength of their passwords. Passwords made via random generation are generally more secure than passwords you invent yourself (looking at you, "abc123"). Now you can check to see whether or not your password is part of a growing list of leaked passwords using 1Password, which just integrated the cracked password database Pwned Passwords into its app.
Still using BitTorrent to exclusively download legally acquired content such as operating system images or files you want to share privately with friends? If so, you might want to double-check your security settings to protect yourself from what researchers at Google's Project Zero are calling a "low complexity hack" affecting Transmission and other popular BitTorrent clients. The flaw could leave your computer vulnerable to control by malicious hackers, but you can protect yourself by following a few steps until official fixes are in place.
The sign up processes for online banking accounts, new email addresses, or health insurance apps all involve a few extra security measures to protect the precious data inside those accounts. Unfortunately, the security questions they make you answer aren't exactly secure. Your mother's maiden name just won't cut it anymore and, according to the New York Times, might cost you your credit score if someone gains access to your personal information. It's time to strengthen your security questions to keep the bad guys out of your accounts.