Authentication, Password Management and Passwords

A Password Manager Isn't Just for Christmas, It's for Life (So Here's 50% Off!)

Troy Hunt

DECEMBER 7, 2021

He's not a techie (he runs a pizza restaurant), but somehow, we ended up talking about passwords. Change the password to one 1Password automatically generates c. Obviously, he still has a heap of accounts to set decent passwords on, but now he knows the pattern and he can repeat that over and over again.

Passwords

Passwords Password Management Banking Accountability

Keeper Password Manager Review (2024): Features, Pros, & Cons

Tech Republic Security

DECEMBER 11, 2024

Keepers extensive authentication options and generous discounts make it an alluring password manager to try this year. Read more about it in our full review.

Password Management

Password Management Passwords Authentication

Ukraine Nabs Suspect in 773M Password ?Megabreach?

Krebs on Security

MAY 19, 2020

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” By far the most important passwords are those protecting our email inbox(es).

Passwords

Passwords Accountability Hacking Password Management

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

The Last Watchdog

MAY 24, 2022

This is one giant leap towards getting rid of passwords entirely. Perhaps not coincidently, it comes at a time when enterprises have begun adopting passwordless authentication systems in mission-critical parts of their internal operations. Excising passwords as the security linchpin to digital services is long, long overdue.

Authentication

Authentication Passwords Banking Digital transformation

Keeper vs LastPass: Which password manager is better for your business?

Tech Republic Security

JUNE 3, 2022

Compare key features of password managers Keeper and LastPass, including zero trust and user authentication capabilities. The post Keeper vs LastPass: Which password manager is better for your business? appeared first on TechRepublic.

Password Management

Password Management Passwords Authentication Software

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

The password manager service LastPass is now forcing some of its users to pick longer master passwords. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass.

Passwords

Passwords Encryption Password Management Cryptocurrency

The Risk of Weak Online Banking Passwords

Krebs on Security

AUGUST 5, 2019

If you bank online and choose weak or re-used passwords, there’s a decent chance your account could be pilfered by cyberthieves — even if your bank offers multi-factor authentication as part of its login process. Crooks are constantly probing bank Web sites for customer accounts protected by weak or recycled passwords.

Banking

Banking Passwords Risk Accountability

How do password managers make sense

CyberSecurity Insiders

MAY 9, 2023

In today’s digital age, managing passwords has become increasingly complex. With the average internet user having more than 100 passwords to remember, it’s no wonder that people often resort to using weak passwords that are easy to remember or reuse the same passwords across multiple accounts.

Password Management

Password Management Passwords Authentication Accountability

GUEST ESSAY: Until we eliminate passwords, follow these 4 sure steps to password hygiene

The Last Watchdog

NOVEMBER 22, 2021

Until biometrics or a quantum solution change our everyday approach to encryption, passwords remain our first line of defense against data breaches, hackers, and thieves. Proper password hygiene doesn’t require a degree in rocket science. 1) Create sufficiently-complex passwords. But simpler passwords are much easier to hack.

Passwords

Passwords Password Management Accountability Data breaches

Make Life Safer and Easier With This Password Manager for Just $15

Tech Republic Security

DECEMBER 1, 2023

Store unlimited passwords in unlimited vaults on multiple servers, customize fields, use the tool on your smart watch, enjoy built-in authenticator and much more.

Password Management

Password Management Passwords Authentication

773M Password ‘Megabreach’ is Years Old

Krebs on Security

JANUARY 17, 2019

My inbox and Twitter messages positively lit up today with people forwarding stories from Wired and other publications about a supposedly new trove of nearly 773 million unique email addresses and 21 million unique passwords that were posted to a hacking forum. 000002 cents per password). Please don’t do that.

Passwords

Passwords Accountability Hacking Password Management

A Breach, or Just a Forced Password Reset?

Krebs on Security

DECEMBER 4, 2018

Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites. periodically).

Passwords

Passwords Authentication Accountability Password Management

GUEST ESSAY: Understanding the security limits of the static and dynamic passwords we rely on

The Last Watchdog

JANUARY 31, 2022

We all rely on passwords. For better or worse, we will continue to use passwords to access our computing devices and digital services for years to come. Related : The coming of password-less access. Passwords were static to begin with. They have since been modified in two directions: biometrics and dynamic passwords.

Passwords

Passwords Computers and Electronics Password Management Artificial Intelligence

Banks, Arbitrary Password Restrictions and Why They Don't Matter

Troy Hunt

SEPTEMBER 17, 2019

Allow me to be controversial for a moment: arbitrary password restrictions on banks such as short max lengths and disallowed characters don't matter. Also, allow me to argue with myself for a moment: banks shouldn't have these restrictions in place anyway. 6 characters. for my *online banking*.

Banking

Banking Passwords Accountability Authentication

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Troy Hunt

AUGUST 30, 2023

The advice to impacted individuals is as follows: Get a digital password manager to help you make all passwords strong and unique If you've been reusing passwords, change them to strong and unique versions now, starting with the most important services you use Turn on multi-factor authentication wherever it's available, especially for important (..)

Phishing

Phishing Password Management Passwords Banking

Phishing evolves beyond email to become latest Android app threat

Malwarebytes

FEBRUARY 11, 2025

Of those malicious apps, 5,200 could subvert one of the strongest security practices available today, called multifactor authentication, by prying into basic text messages sent to a device. They dont crack into password managers or spy on passwords entered for separate apps.

Phishing

Phishing Passwords Mobile Authentication

GUEST ESSAY: The case for shifting to ‘personal authentication’ as the future of identity

The Last Watchdog

FEBRUARY 3, 2022

I currently have over 450 accounts that use passwords combined with a variety of two-factor authentication methods. Related: How the Fido Alliance enables password-less authentication. I don’t know every password; indeed, each password is long, complex and unique. Sharing protocols.

Authentication

Authentication Passwords Accountability Technology

Top Unexpected Ways to Utilise a Password Manager for Enhanced Security and Organisation

IT Security Guru

JANUARY 22, 2024

Password managers have become integral tools for individuals and businesses alike. They are primarily known for securely saving and managing login credentials so users don’t have to remember them all or write them down, where they could be compromised.

Password Management

Password Management Passwords Banking Accountability

GUEST ESSAY: ‘World password day’ reminds us to embrace password security best practices

The Last Watchdog

MAY 26, 2021

We celebrated World Password Day on May 6, 2021. Every year, the first Thursday in May serves as a reminder for us to take control of our personal password strategies. Passwords are now an expected and typical part of our data-driven online lives. Passwords are now an expected and typical part of our data-driven online lives.

Passwords

Passwords Password Management Accountability Authentication

Here's Why [Insert Thing Here] Is Not a Password Killer

Troy Hunt

NOVEMBER 5, 2018

Often it's related to data breaches or sloppy behaviour on behalf of some online service playing fast and loose with HTTPS or passwords or some other easily observable security posture. It's totally going to kill passwords! I know, massive shock right?

Passwords

Passwords Authentication Data breaches Accountability

Threat Modeling and Logins

Adam Shostack

JANUARY 2, 2025

Authentication is more frustrating to your customers when you dont threat model. The bank unexpectedly sent me a temporary password to sign up, and when I did, the temporary password had expired. But then, after I went to reset the password, the bank emailed me a one time code. Recently, I was opening a new bank account.

Banking

Banking Passwords Password Management Authentication

Why we’re no longer doing April Fools’ Day

Malwarebytes

MARCH 31, 2025

Use a different password for every account. If you get your username and password stolen on one account you dont want scammers to be able to use it on another. Password managers help you create complex passwords, and they remember them for you. Set up multi-factor authentication on every account you can.

Scams

Scams Passwords Accountability Password Management

Predatory app downloaded 100,000 times from Google Play Store steals data, uses it for blackmail

Malwarebytes

FEBRUARY 25, 2025

If you find an app from this family or another information stealer on your device, there are a few guidelines to follow to limit the damage: Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you dont use for anything else. Enable two-factor authentication (2FA).

Passwords

Passwords Password Management Phishing Authentication

Data From The Qakbot Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI

Troy Hunt

AUGUST 29, 2023

Further, the passwords from the malware will shortly be searchable in the Pwned Passwords service which can either be checked online or via the API. Pwned Passwords is presently requested 5 and a half billion times each month to help organisations prevent people from using known compromised passwords.

Malware

Malware Passwords Password Management Antivirus

Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware

Malwarebytes

MARCH 26, 2025

Use a different password for every online account. Choose a strong password that you dont use for anything else. Better yet, let a password manager choose one for you. Enable two-factor authentication (2FA). Some forms of two-factor authentication (2FA) can be phished just as easily as a password.

Phishing

Phishing Malware Passwords Password Management

The Hidden Cost of Ransomware: Wholesale Password Theft

Krebs on Security

JANUARY 6, 2020

Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. ” WHOLESALE PASSWORD THEFT. “We were doing the right things, just not fast enough.

Passwords

Passwords Ransomware Password Management Malware

When Security Locks You Out of Everything

Schneier on Security

JUNE 28, 2022

Thought experiment story of someone of someone who lost everything in a house fire, and now can’t log into anything: But to get into my cloud, I need my password and 2FA. To get my passwords, I need my 2FA. To get my 2FA, I need my passwords. I am in cyclic dependency hell. There is no-one to convince. Code is law.

Passwords

Passwords Password Management Backups Risk

10 Behaviors That Will Reduce Your Risk Online

Daniel Miessler

MAY 14, 2020

Use unique, strong passwords, and store them in a password manager. Many people get hacked from having guessable or previously compromised passwords. Good passwords are long, random, and unique to each account, which means it’s impossible for a human to manage them on their own. Everything.

Risk

Risk Passwords Password Management Accountability

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

Every time there is another data breach, we are asked to change our password at the breached entity. Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another.

Passwords

Passwords Password Management Phishing Scams

Still Using Passwords? Get Started with Phishing-Resistant, Passwordless Authentication Now!

Cisco Security

NOVEMBER 2, 2022

Going beyond the hype, passwordless authentication is now a reality. Cisco Duo’s passwordless authentication is now generally available across all Duo Editions. “ Cisco Duo simplifies the passwordless journey for organizations that want to implement phishing-resistant authentication and adopt a zero trust security strategy.

Authentication

Authentication Passwords Phishing Mobile

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Security Affairs

NOVEMBER 15, 2024

The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information. Glove Stealer is a.NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data.

Encryption

Encryption Password Management Cryptocurrency Social Engineering

UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach

Malwarebytes

JANUARY 27, 2025

Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you dont use for anything else. Better yet, let a password manager choose one for you. Enable two-factor authentication (2FA). 2FA that relies on a FIDO2 device cant be phished.

Data breaches

Data breaches Healthcare Passwords Insurance

Should you allow your browser to remember your passwords?

Malwarebytes

NOVEMBER 2, 2023

At Malwarebytes we’ve been telling people for years not to reuse passwords, and that a password manager is a secure way of remembering all the passwords you need for your online accounts. But we also know that a password manager can be overwhelming, especially when you’re just getting started.

Passwords

Passwords Password Management Data breaches Authentication

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Use a password manager : Simplifies managing strong, unique passwords across accounts.

Identity Theft

Identity Theft Passwords Malware Banking

Data From The Emotet Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU

Troy Hunt

APRIL 26, 2021

Change your email account password. Also change passwords and security questions for any accounts you may have stored in either your inbox or browser, especially those of higher value such as banking. Turn on 2 factor authentication wherever available. Keep operating systems and software patched.

Malware

Malware Passwords Banking Password Management

Making authentication faster than ever: passkeys vs. passwords

Google Security

MAY 5, 2023

Silvia Convento, Senior UX Researcher and Court Jacinic, Senior UX Content Designer In recognition of World Password Day 2023, Google announced its next step toward a passwordless future: passkeys. Passkeys are not just easier to use, but also significantly faster than passwords. On average, a user can successfully sign in within 14.9

Authentication

Authentication Passwords Technology Password Management

100 million US citizens officially impacted by Change Healthcare data breach

Malwarebytes

OCTOBER 25, 2024

Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you. Enable two-factor authentication (2FA). 2FA that relies on a FIDO2 device can’t be phished.

Healthcare

Healthcare Data breaches Passwords Identity Theft

Man accused of using keylogger to spy on colleagues, log in to their personal accounts and watch them at home

Malwarebytes

APRIL 9, 2025

Don’t reuse passwords. People often use the same password across multiple accounts for convenience. If a keylogger reads one password, its owner can try the same credentials on your other accounts. Use a password manager. Another way to prevent a keylogger from reading your passwords is not to type them in.

Accountability

Accountability Spyware Passwords Password Management

Why you should act like your CEO’s password is “querty”

Malwarebytes

MAY 20, 2022

A poor password at the highest levels of an organisation can cost a company millions in losses. Recent findings show that half of IT leaders store passwords in shared documents. On top of that, it seems that folks at executive level are not picking good passwords either. Are CEOs naming their passwords after themselves?

Passwords

Passwords Password Management Authentication VPN

The headache of changing passwords

Tech Republic Security

FEBRUARY 1, 2023

Change Your Password Day — an annual reminder of just how bad passwords really are. The post The headache of changing passwords appeared first on TechRepublic.

Passwords

Passwords Password Management Authentication

City of Columbus breach affects around half a million citizens

Malwarebytes

NOVEMBER 4, 2024

Change your password. You can make a stolen password useless to thieves by changing it. Choose a strong password that you don’t use for anything else. Better yet, let a password manager choose one for you. Enable two-factor authentication (2FA). 2FA that relies on a FIDO2 device can’t be phished.

Data breaches

Data breaches Passwords Ransomware Phishing

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

Malwarebytes

MAY 16, 2024

More and more websites and services are making multi-factor-authentication (MFA) mandatory, which makes it much harder for cybercriminals to access your accounts. A type of phishing we’re calling authentication-in-the-middle is showing up in online media. Use a password manager. That’s a great thing.

Authentication

Authentication Phishing Password Management Scams

Okta moves passkeys to cloud, allowing multi-device authentication

Tech Republic Security

JUNE 20, 2023

Okta’s formula for multi-device identity authentication for a hybrid workforce: extract passwords, add ease of passkeys across devices. The post Okta moves passkeys to cloud, allowing multi-device authentication appeared first on TechRepublic.

Authentication

Authentication Passwords Password Management Software

Bitwarden launches new MFA Authenticator app for iOS, Android

Bleeping Computer

MAY 2, 2024

Bitwarden, the creator of the popular open-source password manager, has just launched a new authenticator app called Bitwarden Authenticator, which is available for iOS and Android devices. [.]

Authentication

Authentication Password Management Passwords Software

A Password Manager Isn't Just for Christmas, It's for Life (So Here's 50% Off!)

Keeper Password Manager Review (2024): Features, Pros, & Cons

Trending Sources

Ukraine Nabs Suspect in 773M Password ?Megabreach?

MY TAKE: Businesses gravitate to ‘passwordless’ authentication — widespread consumer use up next

Keeper vs LastPass: Which password manager is better for your business?

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

The Risk of Weak Online Banking Passwords

How do password managers make sense

GUEST ESSAY: Until we eliminate passwords, follow these 4 sure steps to password hygiene

Make Life Safer and Easier With This Password Manager for Just $15

773M Password ‘Megabreach’ is Years Old

A Breach, or Just a Forced Password Reset?

GUEST ESSAY: Understanding the security limits of the static and dynamic passwords we rely on

Banks, Arbitrary Password Restrictions and Why They Don't Matter

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Phishing evolves beyond email to become latest Android app threat

GUEST ESSAY: The case for shifting to ‘personal authentication’ as the future of identity

Top Unexpected Ways to Utilise a Password Manager for Enhanced Security and Organisation

GUEST ESSAY: ‘World password day’ reminds us to embrace password security best practices

Here's Why [Insert Thing Here] Is Not a Password Killer

Threat Modeling and Logins

Why we’re no longer doing April Fools’ Day

Predatory app downloaded 100,000 times from Google Play Store steals data, uses it for blackmail

Data From The Qakbot Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI

Fake Booking.com phish uses fake CAPTCHAs to trick hotel staff into downloading malware

The Hidden Cost of Ransomware: Wholesale Password Theft

When Security Locks You Out of Everything

10 Behaviors That Will Reduce Your Risk Online

The Life Cycle of a Breached Database

Still Using Passwords? Get Started with Phishing-Resistant, Passwordless Authentication Now!

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach

Should you allow your browser to remember your passwords?

International law enforcement operation dismantled RedLine and Meta infostealers

Data From The Emotet Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBI and NHTCU

Making authentication faster than ever: passkeys vs. passwords

100 million US citizens officially impacted by Change Healthcare data breach

Man accused of using keylogger to spy on colleagues, log in to their personal accounts and watch them at home

Why you should act like your CEO’s password is “querty”

The headache of changing passwords

City of Columbus breach affects around half a million citizens

Scammers can easily phish your multi-factor authentication codes. Here’s how to avoid it

Okta moves passkeys to cloud, allowing multi-device authentication

Bitwarden launches new MFA Authenticator app for iOS, Android

Stay Connected