account protection
Google has been storing unhashed G Suite customer passwords
Google has discovered that it has been storing some G Suite users’ passwords in clear text and is notifying G Suite administrators that it will force a password change …
How effective are login challenges at preventing Google account takeovers?
Despite implementation bugs that might affect the security of physical security keys, they are the strongest protection against phishing currently available, Google maintains. …
Google offers free replacement for buggy Titan Security Keys
Misconfigured Bluetooth pairing protocols in Google’s Titan Security Keys may allow attackers to communicate with users’ security key or with the device their key …
Despite warnings, most people still don’t change their passwords
64% of people use the same password for some, or even all, of their online accounts, while only 21% use a different password for each account. These startling findings come …
Indicators of poor password hygiene exposed
The recovered compromised credentials and personally identifiable information (PII) as well as the identified trends in online security habits and the data criminals tend to …
OkCupid account hijackings highlight website account management issues
Users of popular dating site OkCupid have been complaining of hackers taking over their account, locking them out by changing the associated email address and password, and …
Mitigating the risk of Office 365 account hijacking
Office 365 – the online, subscription-based version of Microsoft’s Office application suite – is one the most widely used enterprise cloud applications/services, …
Firefox Monitor tells you whether your email was compromised in a data breach
After a few months of user testing, Mozilla has launched Firefox Monitor, a free online service that allows users to check whether their email address was involved in a …
AT&T sued for enabling SIM swap fraud
A cryptocurrency investor is suing AT&T because criminals were able to empty his accounts through SIM swap fraud (aka account port out fraud), even though he had already …
After extensive testing, Google introduces the Titan Security Key
Google recently shared that since it made employees use physical security keys instead of passwords and one-time codes, none of them – and there are over 85,000 – …
Malicious actors used Facebook’s own tools to scrape most users’ public info
Facebook has disabled a search tool that allowed anyone to enter a person’s phone number or email address into Facebook and find their account, along with all the information …
Reddit rolls out 2-factor authentication for users
The 234 million or so unique Reddit users are finally getting the option of setting up 2-factor authentication for their account(s). Why is that important? With over 540 …
Featured news
Resources
Don't miss
- Critical Firefox, Tor Browser sandbox escape flaw fixed (CVE-2025-2857)
- Android financial threats: What businesses need to know to protect themselves and their customers
- Post-quantum cryptography and the future of online safety
- How to manage and protect your biometric data
- UK NCSC offers security guidance for domain and DNS registrars