authentication
Researchers reverse 320 million hashed passwords
CynoSure Prime, a “password research collective”, has reversed the hashes of nearly 320 million hashed passwords provided by security researcher Troy Hunt through …
Researchers devise app to protect PINs and passwords
Every ATM or smartphone user can attest to the discomfort of having a stranger standing close enough to observe a financial transaction — and potentially note a PIN or account …
Password Reset MITM: Exposing the need for better security choices
Attackers that have set up a malicious site can use users’ account registration process to successfully perform a password reset process on a number of popular websites …
OneLogin suffers data breach, again
OneLogin, a popular single sign-on service that allows users to access thousands of popular cloud-based apps with just one password, has suffered what seems to be a serious …
Samsung Galaxy S8 iris scanner can be fooled with a printed photo
After demonstrating how easily Apple’s Touch ID can be fooled with a user fingerprint photographed from a glass surface, Chaos Computer Club (CCC) hacker …
Attackers exploited SS7 flaws to empty Germans’ bank accounts
Cyber criminals have started exploiting a long-known security vulnerabilities in the SS7 protocols to bypass German banks’ two-factor authentication and drain their …
World Password Day: Make the Internet a more secure place
Identity theft is one of the world’s fastest growing crimes, but adding strong authentication to your password can prevent it. Today is World Password Day, and here are some …
Mastercard introduces cards that work with fingerprints instead of PINs
Mastercard has added fingerprint sensors to its payment cards, in an attempt to make face-to-face payments more convenient and more secure. How does it work? “A …
Microsoft users can ditch password-based logins for phone sign-in 2FA
Microsoft added a new feature to its authenticator app, allowing users to sign into their Microsoft account without having to enter their password. “With phone sign-in, …
Cloud-based single sign-on means access and security everywhere
The cloud is now the standard of corporate organizational life. It is a standard practice for nearly every sector of every industry. So, there must be solutions available to …
Attackers can steal smartphone users’ PINs by tapping into data collected by mobile sensors
Researchers have demonstrated that a malicious website or app could work out smartphone users’ PINs or passwords based just on the data collected by various motion …
Similarities in partial fingerprints may trick biometric security systems
No two people are believed to have identical fingerprints, but researchers at the New York University Tandon School of Engineering and Michigan State University College of …