passwords

A government agency says three "random" words make for a better password than many other approaches. It says other strategies such as adding symbols and numbers can be counterproductive. The advice comes from the National Cyber Security Center ... (NCSC). That's a body in the United Kingdom that deals with major security breaches and gives advice to businesses and other government organizations. According to the NCSC, the advice is aimed at people who try to remember passwords. It says password manager tools are a good solution but remain widely unused. (Source: gov.uk ) Predictable Appr0@ch! The ... (view more)

A third-party Android app store has been hit by a big data breach. Aptoide users who registered between 21 July 2016 and 28 January 2018 may be affected. Aptoide works in a same way as Google's own Play app store, but isn't subject to its content ... regulations or security vettings. As with all third-party stores, users must confirm they accept security risks when installing apps from it. A hacker has published data from 20 million users and claims to have details of another 19 million users altogether. That's a big chunk of the 150 million people Aptoide claims have used its service at some ... (view more)

Infopackets Reader Ginny S. writes: " Dear Dennis, I am running Windows 10 Home and all the sudden it is telling me that I need to change my password and that my Windows password must meet complexity requirements . I have never had this issue ... before. To make matters worse it tells me that the password needs to be minimum of 8 characters and contain both upper and lower case, plus digits. This has happened twice already and I have a hard enough time remembering my passwords. How can I disable the Windows 10 Home password complexity and expiration ? All the posts I've come across all mention ... (view more)

The word "hacked" is worth 16 points in Scrabble. It's also what appears to have happened to a database of 218 million users of the popular online game "Words With Friends." A few weeks ago game creators Zynga said it "recently discovered that ... certain player account information may have been illegally accessed by outside hackers." It didn't give any detail on numbers, but went on to say that account login information may have been accessed. (Source: zynga.com ) Now a hacker has come forth and is attempting to sell the details of 620 million Zynga game accounts, of which 218 million ... (view more)

Chrome may soon warn users if their passwords have been compromised. It works by checking inputted passwords against those exposed in public data breaches. The feature is already available for Chrome from an official Google extension known as ... Password Checkup, but users need to actively install this extension to use it. Web browser Mozilla Firefox already has a similar feature built-in. Now a similar feature named "password leak detection" has been spotted in the code of Chrome Canary. That's a version of Chrome that includes test features planned for release in the main Chrome edition in a ... (view more)

More than one million fingerprints were exposed online for at least a week, according to security researchers. The company responsible for the data says it will take immediate action if there's a security threat. The data is held by Suprema, which ... operates a biometric lock system called Biostar 2. It lets building owners restrict access by fingerprint or facial recognition, rather than relying on measures such as physical keys or pass codes. The Guardian newspaper reports that Biostar 2 is used in a wider system that has 5,700 customers accessing 1.5 million locations across 83 countries. ... (view more)

An app designed to make it easier to get on public WiFi has accidentally exposed more than two million WiFi passwords. It appears to be a case of terrible design, rather than pure malice by the app designers. The app is called "WiFi Finder - connect ... to hotspots" and is listed on the Google Play store as having more than 100,000 downloads. In theory the app is part of a project to make using WiFi on the move more convenient. It's designed to be a massive database to which users can add public WiFi networks and the relevant passwords. For example, visitors to a coffee store could add the ... (view more)

The demise of the password has come a step closer this week with the adoption of a new standard for physical "keys" for logging in to websites. "WebAuthn," as it's called, makes it easier for sites to let users log in through a physical method - ... rather than relying on users having to remember a password. These methods range from USB devices that act like a physical key to biometric devices such as fingerprint or eye scanners. The big hope is that such devices reduce the need to rely on passwords which can be guessed or stolen in data breaches. Browsers Already On Board Having a ... (view more)

Security researchers say some major password manager tools could be flawed. But they also say it's still sensible to use them, just with a degree of caution. It's a fact that using the same password for multiple sites is a massive security risk. ... That's because if one site gets hacked, it could mean that hackers can use the same password on another website to gain access to potentially sensitive information, resulting in identity theft or financial loss. Password manager tools (such as Roboform and Dashlane ) aim to overcome two big dilemmas with online passwords - which is keeping passwords ... (view more)

A security researcher says he's found a major security flaw in the Mac's password storage tool. But he's refusing to publish the details as a protest against Apple's "bug bounty" program. Linuz Henze has produced a video showing what he calls an ... exploit of the Keychain feature in MacOS Mojave, the current edition of the operating system for Mac computers. Keychain is an application on Macs that lets users save passwords for online accounts and digital certificates so that they don't have to type them in again. Users can also open Keychain and access a full list of passwords. Normally every ... (view more)