Remove Passwords Remove Personal Security Remove Risk
article thumbnail

GUEST ESSAY: Until we eliminate passwords, follow these 4 sure steps to password hygiene

The Last Watchdog

Until biometrics or a quantum solution change our everyday approach to encryption, passwords remain our first line of defense against data breaches, hackers, and thieves. Proper password hygiene doesn’t require a degree in rocket science. 1) Create sufficiently-complex passwords. But simpler passwords are much easier to hack.

Passwords 244
article thumbnail

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

Troy Hunt

The first one was about HSBC disclosing a "security incident" which, upon closer inspection, boiled down to this: The security incident that HSBC described in its letter seems to fit the characteristics of brute-force password-guessing attempts, also known as a credentials stuffing attack.

Passwords 236
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

The 773 Million Record "Collection #1" Data Breach

Troy Hunt

Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. In total, there are 1,160,253,228 unique combinations of email addresses and passwords. This is when treating the password as case sensitive but the email address as not case sensitive. There are 21,222,975 unique passwords. It'll be 99.x%

article thumbnail

Relax. Internet password books are OK

Malwarebytes

Passwords are a hot topic on social media at the moment, due to the re-emergence of a discussion about good password management practices. There’s a wealth of password management options available, some more desirable than others. Others involve syncing passwords with services such as Dropbox. The big book of passwords.

Passwords 137
article thumbnail

Intimate Partner Threat

Schneier on Security

Princeton's Karen Levy has a good article computer security and the intimate partner threat: When you learn that your privacy has been compromised, the common advice is to prevent additional access -- delete your insecure account, open a new one, change your password.

Passwords 177
article thumbnail

The 42M Record kayo.moe Credential Stuffing Data

Troy Hunt

In May last year, I loaded more than 1 billion records from other incidents very similar to this and the real risk it poses to people is that if they've reused their password in multiple places, each of those accounts is now in jeopardy if the username and password appears in one of these lists. Can I provide the password used?

Passwords 177
article thumbnail

Mother of all Breaches may contain NEW breach data

Malwarebytes

These shady services, Hunt says, allow interested parties, including criminals, to access records that contain usernames, passwords (including in clear text), email addresses, and IP addresses. It has Terms of Service that include: You may only use this service for your own personal security and research.