Don’t use bad passwords. Not even for stupid stuff. Because the dumb social network you join today might add a wallet or a cloud service or a camera some day, and before you know it, the only thing stopping someone from draining your bank account and spying on your home is the word “dragon.”

If you own a Ring camera and you’ve seen headlines like Vice’s “How Hackers Are Breaking Into Ring Cameras,” you’re undoubtedly a bit nervous. Has someone broken into your own home setup? Are they watching you? Your pets? Your kids?

Autofill is a great setting if you don’t want to have to remember and type in your password every time you log in to an online account. In fact, we highly recommend you use a password manager (and take advantage of autofill features) to keep track of secure passwords. But autofill makes it easy to forget what your passwords are in the event you need to type them in elsewhere.

If you’ve ever purchased a domain name from Network Solutions, Register.com, or Web.com, you’ll want to change your password ASAP. The domain registrars have announced that they experienced a data breach in August 2019.

Welcome back to our weekly technology-advice column. This week, we’re tackling a question from a reader who finds it annoying when his browser prompts him to save passwords on a service he’d rather not use. Does this sound like you? Read on.

If you’re a LastPass user, you should make sure that you’re currently running the latest version of the browser extension.

Windows Hello is a biometric sign-in system for Windows 10 that uses a near infrared (IR) imaging camera or fingerprint reader instead of a password to identify you. Here's everything you need to know.

We try our best to keep Lifehacker readers aware of recent data breaches and security vulnerabilities that might have compromised their data. Any good website or service should tell you what’s up, too. Sometimes, though, you get an email out of the blue that your account credentials have been compromised — even though the company sending you that information is just fine.

One of the best things about having a solid password is that you don’t have to change it. If it’s strong, unique and hasn’t been compromised by an attacker, you gain no security benefits by modifying it according to some arbitrary timetable. Just let it be.

What you should be tracking is whether any of your passwords have been compromised during one of the many data breaches that have been making headlines recently — or before that.

If you can’t remember the last time you changed the passwords on your loyalty program accounts, it’s time to make some password updates -- or risk being hacked.

Is your password sunshine, 666666, or monkey? Bad news: if a hacker tries to guess your password, those are some of the very first ones they’ll try. SplashData, makers of the password managers SplashID, TeamsID, and Gpassrecently examined over 5 million leaked passwords and named the 25 most common examples. Combined, these passwords are used by 10 per cent of all computer users.

It’s no secret we’re very into data security and online privacy, and one of the easiest steps you can take is to use a password manager to generate (and store) strong, very-difficult-to-crack passwords. Even if you don’t care about the security aspects — perhaps you think you’re unhackable — they’re an incredibly convenient way to remember your passwords for all the sites and services you subscribe to.

Firefox users recently pulled up their browsers to find that all their saved passwords went missing. If this happened to you, don’t worry: Your passwords haven’t gone anywhere, despite what it seems. 

The experience we know as password hell could soon be radically changed for the better. Struggling to come up with long strings of complex capital and lower case letters, numbers and symbols? That's so yesterday.

Old, unused email accounts put your security and privacy at risk. With a compromised account, someone can impersonate you, search for personal information, or try the same password on your other accounts.

Yesterday, two significant data breaches were reported. Westpac disclosed that about 100,000 people had private data leaked through an attack on the recently PayID system and the Australian National University (ANU) said that the personal data of about 200,000 current and past students was accessed late last year and detected just two weeks ago.

The impact of these breaches is significant and a reminder that good cyber-hygiene is essential.

Microsoft has made a move with the most recent version of Windows 10, the May 2019 update. Among the changes introduced, Microsoft has removed the need to change passwords every 60 days. With emerging technology such as 2FA and better breach detection, Microsoft is trying to cut the bungee to password rules developed decades ago and nudge people and companies to better practices.

Flipboard, the news aggregation app and website, announced to its users in an email this week that a massive security breach left account login information vulnerable and accessible to hackers for over nine months. The company is taking measures to keep user information secure, but if you used your Flipboard password elsewhere, it’s time to change that.

Almost every significant data breach starts by compromising an end-point device. And the easiest way to do that is to steal some user credentials. It's why the theft of credentials from Yahoo!, Ashley Madison and other large companies are such a big deal. Many people use the same usernames and passwords on multiple sites. But what if your access to a site was governed by something other than a username and password? This is where the YubiKey fits in.