How To Create Secure Password

How to craft the perfect password

By on February 28, 2014 at 10:30 AM.

How to craft the perfect password

It seems obvious, but passwords are our first line of defense against a growing army of nefarious hackers looking to steal our data, money or even identities. While many people know how serious the issue of cybersecurity is, many still use passwords that are remarkably bad. Compounding matters is the common practice of using the same password across multiple accounts, so a hacker who gains access to one account may be able to breach others. But protecting yourself is easy and there’s just no excuse for leaving your accounts vulnerable with bad passwords. More →

No Comments
Worst Internet Log In Passwords

‘Password’ is no longer the dumbest password of the year

By on January 20, 2014 at 11:57 AM.

‘Password’ is no longer the dumbest password of the year

New research conducted by SplashData revealed that “password” isn’t the dumbest password choice around anymore, as it has been replaced by “123456,” for the past year. However, “password” fell only one position compared with 2012, basically switching places with “123456.” The list of weak passwords includes various other obvious combinations such as “qwerty,” “iloveyou,” “1234,” “111111” and “000000.” Passwords such as “adobe123” or “photoshop” also made the top 20, revealing that many Internet users may choose passwords that are similar to the services they’re logging into. More →

No Comments
Password Security Strategies

This is why passwords need to die

By on January 13, 2014 at 11:10 AM.

This is why passwords need to die

Every other week it seems like we have to create new passwords that are increasingly complex and difficult to remember, with more requirements for capital letters, numbers and symbols aimed at preventing hackers from accessing our account information. Even worse, some sites even tell us to periodically change our passwords, which means that just as we’ve finally gotten comfortable with the passwords we have, we’re forced to memorize new ones. Wouter Smet, who is “employed as Growth Hacker at social media management software company Engagor,” has written a very thorough guide to help people create smart password strategies that also shows us just how ridiculous the standard password system has become. More →

No Comments

Your parents pick better passwords than you do

By on June 1, 2012 at 12:00 PM.

Your parents pick better passwords than you do

Password Security Study

Computer users over the age of 55 employ passwords that are twice as secure as passwords used by those under 25 years old. A recent study conducted by Joseph Bonneau, a computer scientist at the University of Cambridge, analyzed almost 70 million passwords belonging to Yahoo users around the world. Ensuring that data was kept anonymous and passwords could not be tied to individual accounts, Bonneau looked at password strength alongside other data such as age and locale. Beyond the relationship between age and security, the researcher found that German and Korea speakers generally use the strongest passwords, and the presence of credit card data on a user’s account seemingly does not prompt that user to avoid weak passwords such as “123456.” Bonneau’s study was the largest of its kind, and he unveiled his findings at the Symposium on Security and Privacy in San Francisco, California earlier this month. More →

No Comments

Apple becomes latest ‘Anonymous’ hacker target

By on July 4, 2011 at 11:20 AM.

Apple becomes latest ‘Anonymous’ hacker target

Notorious hacker collective “Anonymous Operations” on Sunday published data it claims to have obtained by breaching a server belonging to Apple. The data, which consisted of 27 usernames and passwords, was allegedly taken during from surveys stored on an Apple server. Though the group said on one of its Twitter accounts that it is “busy elsewhere,” and therefore will seemingly not be targeting Apple again in the near future, it claims to have exploited a security flaw common to several companies when it gained access to Apple’s server. Anonymous said the breach was part of its AntiSec movement, short for anti-security, which is aimed at “exposing corporate and government data and humiliating security firms.” More →

36 Comments

AntiSec hacks Universal and Viacom; leaks user data, passwords

By on June 29, 2011 at 8:15 PM.

AntiSec hacks Universal and Viacom; leaks user data, passwords

A hacking group named LulzSec made headlines recently for attacking high visibility targets, including Sony and the U.S. government. LulzSec announced earlier this week that it was stopping its operations, and rumor has it many of the members joined up with Anonymous’ “AntiSec” hacking group. Now that group is making its own headlines. On Tuesday AntiSec claimed responsibility for attacks against Universal and Viacom. According to The Wall Street Journal, the hackers released personal data, including passwords, from the Universal Music Website. It also obtained and leaked information about Viacom’s network. It’s unclear how many users were affected by the security breach, although we hope to hear an official word from both firms in the near future. More →

7 Comments

Sly developer reveals most common iPhone passcodes

By on June 14, 2011 at 5:45 PM.

Sly developer reveals most common iPhone passcodes

Daniel Amitay, the iPhone developer who created “Big Brother Camera Security” application, has released a list of the top 10 iPhone passcodes. Amity implemented code into his last software update that allowed the application to record passwords entered in by its users. Since his app’s lock and passcode screens look identical to the iPhone’s, he argues that his data reflects an iPhone user’s actual password. Of the 204,508 recorded passcodes collected, the most popular was, not surprisingly, 1234. That’s followed by 0000, 2580, 1111, 5555, 5683, 0852, 2222, 1212, and 1998. Amity says those codes represent 15% of all passwords in use. As you might expect, many of them follow simple patterns on the keyboard. “iloveyou” has always been a popular password and 5683, the No. 6 passcode on the list, can be translated into ‘LOVE’ on a standard alphanumeric keypad. Amitay also found that the numbers 1990-2000 were all in the top 50 passcodes, and 1980 – 1989 were all in the top 100, suggesting that many users may be entering in the year of their birth or graduation. Hit the jump for another chart. More →

24 Comments

Sony Pictures breach confirmed to be authentic; Sony launches investigation

By on June 3, 2011 at 9:15 AM.

Sony Pictures breach confirmed to be authentic; Sony launches investigation

A small group of hackers calling themselves LulzSec on Thursday claimed to have breached a Sony website and gained access to personal information belonging to over 1 million Sony customers. The group posted a statement claiming it did not have the resources to download the massive database tied to SonyPictures.com, but it provided samples of the data accessed in order to prove the breach was real. The Associated Press contacted several of the purported victims using phone numbers posted by LulzSec, and it was able to confirm with multiple victims that the data, which included account passwords, was authentic and accurate. Sony has not yet confirmed the breach, though a company spokesperson did say Sony is currently investigating the claims. This new breach is the latest in a string of hacks on various Sony networks that have compromised personal data belonging to over 100 million Sony customers. More →

24 Comments

Fraunhofer cracks iPhone password in 6 minutes, exposes stored passwords [video]

By on February 10, 2011 at 7:27 AM.

Fraunhofer cracks iPhone password in 6 minutes, exposes stored passwords [video]

What’s the one thing that could make losing your iPhone worse? If the person who happens to find your AWOL iPhone knows exactly what they’re doing. In a two-minute video clip published by German engineering firm Fraunhofer, the company demonstrates how an iPhone’s password security can be rendered completely moot. The demonstration takes a locked, unmodified iPhone, running the latest firmware, and, with the help of jailbreaking software, gains access to all stored passwords on the device — Wi-Fi networks, saved website logins… anything stored in your keychain file. The demonstration is meant to illustrate how crucial it is for companies and individuals to not only use a pass codes on mobile devices, but also react quickly — preferably initiating a remote wipe — if the device is lost. The video demonstration is waiting for you after the break. More →

61 Comments

FTC will not fine Google for stealing passwords with Street View cars

By on October 27, 2010 at 5:45 PM.

FTC will not fine Google for stealing passwords with Street View cars

Following Google’s recent admission that it accidentally stole passwords, emails and other personal information with its Street View cars, the Federal Trade Commission has decided not to issue any fines. Earlier this week, Google confirmed accusations that its Street View cars — the vehicles Google uses to take Street View images for its popular Google Maps service — inadvertently stole sensitive personal data from various homes with open Wi-Fi networks. Wednesday, the FTC confirmed that a resulting investigation did not find cause to fine Google for its unlawful actions. FTC director for consumer protection David C. Vladeck said the following in a letter to Google:

Google has made assurances to the FTC that the company has not used and will not use any of the payload data collected in any Google product or service, now or in the future. This assurance is critical to mitigate the potential harm to consumers from the collection of payload data. Because of these commitments, we are ending our inquiry into this matter at this time.

[Via CNN] More →

60 Comments

Data captured by Google Street View includes passwords and emails

By on June 19, 2010 at 12:14 PM.

Data captured by Google Street View includes passwords and emails

google-street-view-car

Google confirmed last month that while snapping photos of the local flavor, the search giant was also inadvertently capturing packets of data from unsecured routers. Google downplayed the severity of this guffaw by reassuring people that only small, presumably useless, fragments of personal data were collected. Despite Google’s re-assurance, this admission caused a stir amongst privacy groups and prompted several agencies to take a closer look at the data that Google collected. The French National Commission on Computing and Liberty (CNIL) was one such group and the first to officially get its hand on the stored data. CNIL announced the results of its investigation on Friday and revealed that the captured fragments included email passwords and extracted portions of email messages. Bad news for Google as this revelation is the perfect ammunition for groups already upset with Google and its management of a vast treasure trove of personal data. More →

64 Comments