Aurich Lawson | Getty Images reader comments 121 with My recent feature on passkeys attracted significant interest, and a number of the 1,100-plus comments raised questions about how the passkey system actually works and if it can be trusted. In response, I’ve put together this list of frequently asked questions to dispel a few myths… Read More »
Aurich Lawson | Getty Images reader comments 389 with By now, you’ve likely heard that passwordless Google accounts have finally arrived. The replacement for passwords is known as “passkeys.” There are many misconceptions about passkeys, both in terms of their usability and the security and privacy benefits they offer compared with current authentication methods. That’s… Read More »
Aurich Lawson | Getty Images reader comments 21 with Share this story By now, you’ve probably heard about a new AI-based password cracker that can compromise your password in seconds by using artificial intelligence instead of more traditional methods. Some outlets have called it “terrifying,” “worrying,” “alarming,” and “savvy.” Other publications have fallen over themselves… Read More »
reader comments 21 with Share this story GoDaddy said on Friday that its network suffered a multi-year security compromise that allowed unknown attackers to steal company source code, customer and employee login credentials, and install malware that redirected customer websites to malicious sites. GoDaddy is one of the world’s largest domain registrars, with nearly 21… Read More »
Getty Images reader comments 36 with 0 posters participating Share this story More than a fifth of the passwords protecting network accounts at the US Department of the Interior—including Password1234, Password1234!, and ChangeItN0w!—were weak enough to be cracked using standard methods, a recently published security audit of the agency found. The audit was performed by… Read More »
Getty Images reader comments 255 with 0 posters participating Share this story LastPass, one of the leading password managers, said that hackers obtained a wealth of personal information belonging to its customers as well as encrypted and cryptographically hashed passwords and other data stored in customer vaults. The revelation, posted on Thursday, represents a dramatic… Read More »
Gertty Images reader comments 159 with 93 posters participating, including story author Share this story For years, Big Tech has insisted that the death of the password is right around the corner. For years, those assurances have been little more than empty promises. The password alternatives—such as pushes, OAUTH single-sign ons, and trusted platform modules—introduced… Read More »
Enlarge (credit: Getty Images) What’s worse than a widely used Internet-connected enterprise app with a hardcoded password? Try said enterprise app after the hardcoded password has been leaked to the world. Atlassian on Wednesday revealed three critical product vulnerabilities, including CVE-2022-26138 stemming from a hardcoded password in Questions for Confluence, an app that allows users… Read More »
Getty Images reader comments 186 with 108 posters participating, including story author Share this story For more than a decade, we’ve been promised that a world without passwords is just around the corner, and yet year after year, this security nirvana proves out of reach. Now, for the first time, a workable form of passwordless… Read More »