Over the past few weeks, there's been a huge focus on paying attention to the apps you have connected to your Facebook account. While that's certainly a great idea, you shouldn't ignore another large company that you're also probably handing over a lot of your personal info to as well: Google.
Tagged With passwords
Having to remember dozens, or even hundreds of passwords could become a thing of the past. The W3C has published a new API, that is at the Release Candidate stage, that will let web browsers use biometric information stored in smartphones. Chrome, Edge and Firefox will be supporting Webauthn, with Chrome and Firefox announcing support will be part of the releases made in May this year.
No one likes getting hacked, and it's generally true that the quicker you can spot something has gone awry, the better your chances of minimising the damage. These are the main warning signs to look out for, what they might mean, and some quick pointers about what you should do next.
How do you create a strong password? Easy: You mash your keyboard for a few seconds until you have a 50-character hunk of gibberish, then you copy and paste that into a password manager so you don't have to actually remember what it is.
Passwords are your way into almost all of your online accounts, from social networks to email platforms, but how do you know whether the ones you're using are strong enough to stand up to repeated hacking attempts? If you want to know how to do a self-audit on password security, and the best combinations to use to keep your data safe, we've asked the experts to explain.
If you've been using Google Chrome to store all of your logins and passwords, that's great - a lot better than scribbling your passwords on sticky notes and attaching them to your desktop monitor or laptop. Third-party password managers are even better (cross-platform, in many cases), and a new Chrome setting now makes it easy to move all of of your browser-saved passwords to a new app.
Anyone aware of the poor track record companies such as Equifax or Kickstarter have when dealing with sensitive information is probably curious as to the strength of their passwords. Passwords made via random generation are generally more secure than passwords you invent yourself (looking at you, "abc123"). Now you can check to see whether or not your password is part of a growing list of leaked passwords using 1Password, which just integrated the cracked password database Pwned Passwords into its app.
Still using BitTorrent to exclusively download legally acquired content such as operating system images or files you want to share privately with friends? If so, you might want to double-check your security settings to protect yourself from what researchers at Google's Project Zero are calling a "low complexity hack" affecting Transmission and other popular BitTorrent clients. The flaw could leave your computer vulnerable to control by malicious hackers, but you can protect yourself by following a few steps until official fixes are in place.
The sign up processes for online banking accounts, new email addresses, or health insurance apps all involve a few extra security measures to protect the precious data inside those accounts. Unfortunately, the security questions they make you answer aren't exactly secure. Your mother's maiden name just won't cut it anymore and, according to the New York Times, might cost you your credit score if someone gains access to your personal information. It's time to strengthen your security questions to keep the bad guys out of your accounts.
If you had any doubts that criminals were in investing in technology, then this will allay those concerns. By aggregating the data from over 250 separate breaches, cybercriminals have created an easily accessed and usable treasure trove with 1.4 billion clear text log-in credentials according to security researchers 4iQ. If you're in the habit of reusing your credentials then this aggregated, interactive database which lets criminals query and receive responses in under a second should have you worried.
You know by now that you absolutely need a password manager. But you never get around to buying one. Let's fix that right now with RememBear, a new password manager that's easy to install and figure out. We tested it, and while we still prefer 1Password for most users, we recommend RememBear for beginners, especially during its free beta period.
Mac users running the latest version of Apple's operating system, High Sierra, are susceptible to a pretty huge flaw that could grant anyone with physical access to your Mac unfettered access to everything on your machine. The hack seems to be affecting only macOS High Sierra 10.13 and 10.13.1 versions. Luckily, Apple has now issued a fix.
Hopefully you took advantage of Microsoft's free upgrade offer that allowed consumers to update computers running Windows 7 or 8 to Windows 10 (and if you didn't, it isn't too late!). If you did, you should take advantage of one of the most convenient and downright pleasant features in Windows 10: The ability to login by simply looking at your PC, using Windows Hello. It's easy to setup, but may cost you a few bucks depending on the PC and accessories you currently own.
Phishing attacks, wherein scammers pretend to be legitimate companies in order to trick you into handing over sensitive information such as usernames, passwords or credit card information, are getting more difficult to spot. Even Google is susceptible to more sophisticated attacks, which have popped up everywhere from email attachments to shared Google documents.
No doubt you've Googled yourself at least once to see what comes up (or to see what embarrassing photos and blog posts you need to purge from the web before your boss finds them). While doing a search for yourself might yield some predictable results -- your LinkedIn page, any mentions of you in the local paper, obituaries for other people with the same name -- a conversation with a friend on the topic of data breaches led me to search for something I rarely need to find: my own iCloud email address.
A while back, I woke up to find my Android phone lingering at a pattern unlock screen. Not just to unlock my screen, but a prompt to decrypt all of my phone's data. I was puzzled. Every other morning, I decrypted my device using a 10-digit, alphanumeric passphrase -- something I perceived, accurately, as being infinitely more secure than tracing a dumb pattern with my finger.