Don’t use bad passwords. Not even for stupid stuff. Because the dumb social network you join today might add a wallet or a cloud service or a camera some day, and before you know it, the only thing stopping someone from draining your bank account and spying on your home is the word “dragon.”
Tagged With passwords
Autofill is a great setting if you don’t want to have to remember and type in your password every time you log in to an online account. In fact, we highly recommend you use a password manager (and take advantage of autofill features) to keep track of secure passwords. But autofill makes it easy to forget what your passwords are in the event you need to type them in elsewhere.
If you’ve ever purchased a domain name from Network Solutions, Register.com, or Web.com, you’ll want to change your password ASAP. The domain registrars have announced that they experienced a data breach in August 2019.
We try our best to keep Lifehacker readers aware of recent data breaches and security vulnerabilities that might have compromised their data. Any good website or service should tell you what’s up, too. Sometimes, though, you get an email out of the blue that your account credentials have been compromised — even though the company sending you that information is just fine.
One of the best things about having a solid password is that you don’t have to change it. If it’s strong, unique and hasn’t been compromised by an attacker, you gain no security benefits by modifying it according to some arbitrary timetable. Just let it be.
What you should be tracking is whether any of your passwords have been compromised during one of the many data breaches that have been making headlines recently — or before that.
Is your password sunshine, 666666, or monkey? Bad news: if a hacker tries to guess your password, those are some of the very first ones they’ll try. SplashData, makers of the password managers SplashID, TeamsID, and Gpassrecently examined over 5 million leaked passwords and named the 25 most common examples. Combined, these passwords are used by 10 per cent of all computer users.
It’s no secret we’re very into data security and online privacy, and one of the easiest steps you can take is to use a password manager to generate (and store) strong, very-difficult-to-crack passwords. Even if you don’t care about the security aspects — perhaps you think you’re unhackable — they’re an incredibly convenient way to remember your passwords for all the sites and services you subscribe to.
Yesterday, two significant data breaches were reported. Westpac disclosed that about 100,000 people had private data leaked through an attack on the recently PayID system and the Australian National University (ANU) said that the personal data of about 200,000 current and past students was accessed late last year and detected just two weeks ago.
The impact of these breaches is significant and a reminder that good cyber-hygiene is essential.
Microsoft has made a move with the most recent version of Windows 10, the May 2019 update. Among the changes introduced, Microsoft has removed the need to change passwords every 60 days. With emerging technology such as 2FA and better breach detection, Microsoft is trying to cut the bungee to password rules developed decades ago and nudge people and companies to better practices.
Flipboard, the news aggregation app and website, announced to its users in an email this week that a massive security breach left account login information vulnerable and accessible to hackers for over nine months. The company is taking measures to keep user information secure, but if you used your Flipboard password elsewhere, it’s time to change that.
Almost every significant data breach starts by compromising an end-point device. And the easiest way to do that is to steal some user credentials. It's why the theft of credentials from Yahoo!, Ashley Madison and other large companies are such a big deal. Many people use the same usernames and passwords on multiple sites. But what if your access to a site was governed by something other than a username and password? This is where the YubiKey fits in.
Microsoft has been pushing towards a password-free future for some time. Another step along this road has been taken. The Windows Hello authentication system has been granted FIDO2 certification. What is FIDO2 and why is this important?