article thumbnail

Have I Been Pwned is Now Partnering With 1Password

Troy Hunt

Why It Makes Sense to Partner with a Password Manager Now. I could have said "go and get a password manager", but this is barely any better as it doesn't lead them by the hand to a good one! I spent a few hours manually updating all passwords to all sites. — Dan Blank (@danblank000) March 20, 2018.

article thumbnail

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

The password manager service LastPass is now forcing some of its users to pick longer master passwords. But critics say the move is little more than a public relations stunt that will do nothing to help countless early adopters whose password vaults were exposed in a 2022 breach at LastPass. ”

Passwords 336
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Banks, Arbitrary Password Restrictions and Why They Don't Matter

Troy Hunt

That said, Westpac down in Australia certainly appears to be 6 characters: Finally thought @Westpac had upped their password game, moving from the long pointless on-screen keyboard (OSK) with a character count limit, to 'normal' password entry. troyhunt pic.twitter.com/9FMSdvVRiL — Hagen (@hagendittmer) June 3, 2018.

Banking 275
article thumbnail

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. “That’s because LastPass didn’t ask existing customers to change their master password. .

article thumbnail

Pwned Passwords in Practice: Real World Examples of Blocking the Worst Passwords

Troy Hunt

7 years ago now, I realised that the only secure password is the one you can't remember and from that day forward, I've been using 1Password exclusively as my password manager. When I released version 2 of Pwned Passwords, out of the blue they built it into their product. — Troy Hunt (@troyhunt) February 22, 2018.

Passwords 268
article thumbnail

Inside the Cit0Day Breach Collection

Troy Hunt

There were a bunch of addresses in the Collection #1 incident and also in the 2,844 breach collection I added in Feb 2018 , but clearly based on the red "null" results there were also many new addresses. And if you don't already have a password manager? Get a password manager, use strong and unique passwords, that is all.

Passwords 364
article thumbnail

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

Use Privileged Access Management (PAM) solutions. Require 16+ character unique passwords stored in an enterprise password manager. Key findings from the advisory The advisory highlights the rapid and efficient attack lifecycle of Ghost ransomware, with some incidents seeing full encryption within a single day.