Account Security, Authentication, Blog and Passwords

Account Security

Authentication

Blog

Passwords

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. Nor was he ever forced to improve his master password. And very recently, it upped that again to 600,000.

Passwords

Passwords Encryption Password Management Cryptocurrency

Pwned Passwords, Version 5

Troy Hunt

JULY 8, 2019

Almost 2 years ago to the day, I wrote about Passwords Evolved: Authentication Guidance for the Modern Era. This wasn't so much an original work on my behalf as it was a consolidation of advice from the likes of NIST, the NCSC and Microsoft about how we should be doing authentication today. 3,768,890 passwords.

Passwords

Passwords Accountability Authentication Data breaches

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Beyond Passwords: 2FA, U2F and Google Advanced Protection

Troy Hunt

NOVEMBER 14, 2018

Last week I wrote a couple of different pieces on passwords, firstly about why we're going to be stuck with them for a long time yet and then secondly, about how we all bear some responsibility for making good password choices. This week, I wanted to focus on going beyond passwords and talk about 2FA. It's a subset of MFA.

Passwords

Passwords Authentication Accountability Mobile

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

GitHub Discovers Authentication Issue

SecureWorld News

MARCH 10, 2021

GitHub announced a security update due to a bug causing issues with the authentication of sessions. On March 2, GitHub received an external report of anomalous behavior for their authenticated GitHub.com user session. This would give them the valid and authenticated session cookie for another user.

Authentication

Authentication CSO Accountability Engineering

What are the Benefits of a Password Manager?

Identity IQ

MAY 2, 2023

What are the Benefits of a Password Manager? IdentityIQ Passwords are essential when keeping your information safe on your devices. But unfortunately, many people use weak or the same password, making it easy for hackers to crack them. Research shows that 52% of people reuse passwords for multiple accounts.

Password Management

Password Management Passwords Identity Theft Accountability

Why TOTP Won’t Cut It (And What to Consider Instead)

NetSpi Technical

JANUARY 18, 2024

Time-Based One-Time Password (TOTP) Time-Based One-Time Password (TOTP) is a common two-factor authentication (2FA) mechanism used across the internet. During authentication, the secret is used in combination with the time in a cryptographic hash function to produce a secure 6-digit passcode. Why yes, it did.

Authentication

Authentication Passwords Accountability Penetration Testing

Google Sending Security Keys to 10,000 Users at High Risk of Attack

eSecurity Planet

OCTOBER 11, 2021

Company officials also used the first week of October – which is Cybersecurity Awareness Month – to remind users of the company’s plan to enable two-factor authentication by default to many accounts, and that it will enable it for 150 million accounts before the end of 2021. ” Two-Factor Authentication is Key.

Risk

Risk Passwords Authentication Accountability

Google to auto-enrol users, YouTubers into 2SV

Malwarebytes

OCTOBER 7, 2021

2SV adds an extra layer when logging into your account and the additional step happens after you’ve entered your password. It’s simple, and it dramatically decreases the chance of someone else accessing an account. For Google users, it involves just tapping a notification on their phone to confirm it’s them.

Passwords

Passwords Accountability Authentication Mobile

Taking on the Next Generation of Phishing Scams

Google Security

MAY 11, 2022

Posted by Daniel Margolis, Software Engineer, Google Account Security Team Every year, security technologies improve: browsers get better , encryption becomes ubiquitous on the Web , authentication becomes stronger. This blog will deep dive into the method of phishing and how it has evolved today.

Phishing

Phishing Scams Authentication Accountability

How to Detect and Respond to Account Misuse

Identity IQ

JULY 3, 2023

According to the Identity Theft Resource Center (ITRC), last year there was a 13% increase in reports of misuse for both new and existing accounts compared to the year prior. Account misuse can result in alarming repercussions, including privacy breaches, financial losses, and identity theft.

Accountability

Accountability Identity Theft Passwords Social Engineering

Google to start automatically enrolling users in two-step verification “soon”

Malwarebytes

MAY 7, 2021

The Google blog cites the security check-up page, but that simply lists: Devices which are signed in Recent security activity from the last 28 days 2-step verification, in terms of sign-in prompt style, authenticator apps, phone numbers, and backup codes Gmail settings (specifically, emails which you’ve blocked).

Passwords

Passwords Password Management Backups Accountability

Internet safety tips for kids and teens: A comprehensive guide for the modern parent

Malwarebytes

SEPTEMBER 21, 2021

Keep your online accounts secure Respect your privacy Capture and share with care Take care of your data Take care of your device Be wary of certain sites and content online Be kind. Keep your online accounts secure. Show them these tips: Never use the same password twice. This is where a password manager comes in.

Internet

Internet Internet Passwords Password Management

FEITIAN + Duo Integration Supports the Broadest Range of MFA Options

Duo's Security Blog

NOVEMBER 23, 2020

Start with a zero-trust framework that begins at the access request with strong multi-factor authentication (MFA). Duo’s modern access security protects your users and applications by using a second source of validation. Most breaches involve weak, reused, or stolen passwords. How do you protect your users from phishing attacks?

Authentication

Authentication Passwords Technology Education

U.S. Energy Company Targeted by QR Code Phishing Campaign

SecureWorld News

AUGUST 28, 2023

The emails in the campaign purported to be from Microsoft, and they claimed that the recipient needed to update their account security settings or activate two-factor authentication (2FA)/multi-factor authentication (MFA) within 72 hours. This phishing scam is a reminder of the dangers of QR codes.

Phishing

Phishing Scams Mobile Media

Cyber Security Informer

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Pwned Passwords, Version 5

Webinars

Trending Sources

Beyond Passwords: 2FA, U2F and Google Advanced Protection

Webinars

GitHub Discovers Authentication Issue

What are the Benefits of a Password Manager?

Why TOTP Won’t Cut It (And What to Consider Instead)

Google Sending Security Keys to 10,000 Users at High Risk of Attack

Google to auto-enrol users, YouTubers into 2SV

Taking on the Next Generation of Phishing Scams

How to Detect and Respond to Account Misuse

Google to start automatically enrolling users in two-step verification “soon”

Internet safety tips for kids and teens: A comprehensive guide for the modern parent

FEITIAN + Duo Integration Supports the Broadest Range of MFA Options

U.S. Energy Company Targeted by QR Code Phishing Campaign

Stay Connected