Troy Hunt

JULY 8, 2019

Almost 2 years ago to the day, I wrote about Passwords Evolved: Authentication Guidance for the Modern Era. Shortly after that blog post I launched Pwned Passwords with 306M passwords from previous breach corpuses. 3,768,890 passwords. 3,768,890 passwords.

Passwords 234

Passwords Accountability Authentication Data breaches 234

Hacker Combat

SEPTEMBER 6, 2021

Hackers took advantage of the mishap to gain unauthorized access to email accounts and lots of customer’s data was exposed. During that timeframe, unapproved third parties gained unauthorized access into over 60 email accounts hosted in the cloud belonging to Cetera Employees. Often, hackers use phishing emails to target employees.

Accountability 100

Accountability Hacking Financial Services Data breaches 100

Krebs on Security

SEPTEMBER 22, 2023

The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. Nor was he ever forced to improve his master password. And very recently, it upped that again to 600,000.

Passwords 260

Passwords Encryption Password Management Cryptocurrency 260

Security Affairs

FEBRUARY 27, 2021

Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones. .

Mobile 96

Mobile Telecommunications Data breaches Identity Theft 96

Security Affairs

APRIL 6, 2023

The credentials provided by the recipient are sent to an attacker-controlled URL, however, after the recipient enters their password, the phishing page redirects to a benign document that contains the interview questions, or an RFI that includes information of interest for the victims.

Phishing 87

Phishing Media Passwords Malware 87

Thales Cloud Protection & Licensing

OCTOBER 28, 2021

Whether you want the ‘trick’ of a malevolent threat actor infiltrating your network by exploiting a compromised password or the ‘treat’ from the peace of mind associated with multifactor authentication, the choice is yours. This ability to log in to the administrative account could have been prevented with multifactor authentication in place.

Authentication 71

Authentication VPN Passwords Accountability 71

Troy Hunt

NOVEMBER 14, 2018

Last week I wrote a couple of different pieces on passwords, firstly about why we're going to be stuck with them for a long time yet and then secondly, about how we all bear some responsibility for making good password choices. This week, I wanted to focus on going beyond passwords and talk about 2FA.

Passwords 261

Passwords Authentication Accountability Mobile 261