Password security company Splashdata has released a new version of its annual list of the world’s worst passwords – and ‘password’, last year’s number one, has been unseated by ‘123456’, thanks largely to passwords revealed in the recent Adobe breach.
Starbucks has promised to update its mobile app – the most-used mobile payment app in America – after a security researcher found that it stored passwords in plain text, leaving users vulnerable to attack.
A survey of 22,762 consumers conducted by the British government found that less than half took the most basic steps to protect themselves online, the government revealed as part of a new campaign aimed at consumers and small businesses.
A tiny new iris-scanner which plugs into smart devices and PCs could eradicate the need for passwords entirely – and it offers a far higher level of security than fingerprint scanners, with a ‘false positive’ chance of just 1 in 2.25 trillion.
Many popular models of wireless router from brands such as Linksys and Netgear are vulnerable to a ‘backdoor’, which could allow attackers access to the router’s admin controls, according to a report by Ars Technica.
The two million people who had chosen “123456” as their Adobe password were widely mocked online after the company’s security breach – but most users (and companies) hate passwords, and some have big (and surreal) ideas about what’s coming next….
A new ‘Smart ID’ card, BluStor, aims to “eliminate hacking and identity theft” – using a combination of voiceprints, fingerprints and iris readings and connecting to mobile devices via Bluetooth, so an app can confirm a user’s ID instantly.
Your next PC password could be President Bill Clinton kissing a fish – and that disturbing mental image, and similar surreal “story images” could be the key to creating strong passwords across multiple accounts, according to Carnegie Mellon researchers.
Fingerprint identification systems could sweep through the world faster than most have predicted, according to Ericcsson, the world’s largest cellphone network maker – based on opinion polls of 100,000 smartphone users around the world.
Microsoft’s telepathic power, of course, comes from AI, not magic, and illustrates very clearly which passwords are easy for a computer to “guess” – the tool Telepathwords, guesses the next letter as you type in a password.
A vulnerability in Android could allow attackers to “unlock” phones without cracking PIN codes – using malware to deactivate Google’s locks on handsets and tablets. The vulnerability can “turn off” all locks a user puts in place.
Apple users may soon be able not only to unlock their devices simply by showing their face – they may be able to “control” functions on Macs, iPhones and iPads simply by looking at the screen, and prevent people nearby snooping on lock screen alerts.
Major websites such as Kickstarter, WarnerBros.com and the online photography community 500px.com are among 2,000 at risk from a vulnerability that could allow attackers to impersonate real users and access their sites, according to a researcher.
Human heartbeats are near-unique – each person’s rhythm forms a mathematical pattern which can be used to identify people. A bracelet which aims to use this for secure ID took a big step towards PCs and phones in the home this week, as 6,000 developers began work on apps for it.
A major British horse racing website has been hit by an “aggressive” and “malicious” cyber attack – and user details have leaked, including some passwords which the owners warn “could be deciphered.”
A ‘high impact’ security bug affecting Gmail’s password recovery system was discovered by a researcher – and quickly patched. The vulnerability allowed attackers to reset user passwords remotely.
When any computer user types on a keyboard, the pattern of keystrokes is unique – like a fingerprint. When using a mouse, the patterns for each user are just as different – and Iowa State engineers aim to combine these “patterns” to identify people, offering a more secure alternative to passwords.
Keypic uses an image – usually an advert, but it can be a single pixel, an animation, or anything the site’s administrator wants – and checks for typically “human” behavior. It’s already used on nearly 6,000 sites, and is available as a plug-in for WordPress and Drupal.
Facebook users who used the same email and password on their Adobe and Facebook accounts have been offered a helping hand by Facebook in the wake of the recent massive breach at Adobe, which leaked account data for 38 million users.