The “picture passwords” used in Windows 8 machines are more vulnerable than Microsoft hoped, a research team claims. An analysis of more than 10,000 picture passwords found that a significant percentage could be cracked by algorithms.
The popular password-cracking app Hashcat has “upgraded” to passwords up to 55 characters – meaning that long passwords (for instance those made up of sentences), can be cracked far more quickly.
Academics create new “anti-phishing” technology – electronic identity cards which allow secure access to websites, and which could simplify access for people less used to the Internet.
The bug allowed attackers to see any passwords using in a recent browsing session by performing a “memory dump”, and would have worked even if the user was not logged into LastPass.
Security flaws in some models of HP LaserJet Pro printers can reveal users’ administrator passwords to remote attackers, a researcher has revealed.
Google’s Chrome browser has been criticized over its password security, after a developer found that anyone logged into the same OS account could easily see any saved website passwords in plain text.
One in six adults use the name of a pet as the basis of their password, and two-thirds use their partner’s name, according to a new survey commissioned by Google.
A fiber-optic tabletop PC system “reads” fingerprints as people use it – and could form the basis of a secure system for transactions in shops or banks.
The PIN codes used to protect smartphones offer a useful line of defense against criminals – unless, that is, your device falls into the hands of the robot R2B2.
Passwords are outdated and “inevitably” fall into the hands of cybercriminals, according to a new advocacy group, Petition Against Passwords.
“Children are a formidable adversary – unlike any other,” says Microsoft security researcher Stuart Schechter, in a paper to be presented at the SOUPS security conference next week.
There are a few tricks to making passwords that will at least slow down cybercriminals – buying you time to reset your accounts if a list of encrypted passwords leak in a data breach.
Micro-blogging site Tumblr has warned users that passwords can be “sniffed” from its iPhone and iPad apps – and issued a “very important” security update for both apps.
Browser security warnings can work to protect users from phishing and malware sites – but “warning fatigue” means important alerts over site security can be conmpletely ignored.
A new biometrics system could “read” blood vessels under the skin using thermal imaging cameras – a system which its inventors claim would be “almost impossible to spoof.”
Game publisher Ubisoft has fallen victim to a website hack, which exposed data including email addresses, user names and encrypted passwords.
Yahoo defended its plan to recycle inactive user IDs this week, saying that it had put in place safeguards to prevent the recycled usernames being used for identity theft.
Medical devices including heart defibrillators, patient monitors and anaesthesia devices include a dangerous password vulnerability which could be exploited by cyber attackers, according to the FDA.
A new era of secure passwords could be upon us with a facial password system that can unlock phones using facial expressions – with users required to stick tongues out or frown at the camera instead of typing a password.
Evernote and LinkedIn have both added an option for two-factor authentication in the past few days – days after Twitter announced its optional two-factor security system.