passwords
Users don’t bother changing default passwords
Most people working with sensitive information want stricter security policies but rarely bother changing default, automatically generated and assigned passwords. To collect …
Self-selected PINs aren’t that hard to guess
Four-digit banking PINs are usually randomly assigned by banks after the issuing of credit and debit cards, but there are still some out there that let its customers choose …
Open source password manager gets two-factor authentication
Yubico announced a successful implementation of YubiKey two-factor authentication with the free, open source password manager software Password Safe. The joint solution offers …
Twitter turns on HTTPS by default
Twitter has finally taken the plunge and made HTTPS on by default for all users. The option to always use HTTPS was made available to users back in March 2011, but they had to …
Best practices for online banking security
There are two common misconceptions about online banking security which are holding financial institutions back from offering their customers the best services possible. …
Apple iWork passwords cracked
ElcomSoft can now recover passwords protecting Apple iWork documents. This makes Distributed Password Recovery the first tool to recover passwords for Numbers, Pages and …
HTC Android phones allow apps to harvest users’ Wi-Fi password
A bug in the way some Android-running HTC smartphones handle requests for password allows some applications to send the user’s Wi-Fi network username, password and SSID …
Security breaches driving authentication changes
Recent security breaches and deployment of new technologies are driving organizations to re-evaluate incumbent authentication vendors and re-think their authentication …
Multi-factor authentication for mobile users
DigitalPersona announced the newest version of DigitalPersona Pro Enterprise has support for a variety of new authentication credentials. With the software, organizations can …
DreamHost hacker accessed pool of unencrypted passwords
DreamHost, one of the world’s most popular and well-known web hosting providers, has sent a warning out to its customers saying that one of their databases containing …
Mozilla offers alternative to OpenID
Mozilla has been working for a while now on a new browser-based system for identifying and authenticating users it calls BrowserID, but its only this month that all of its …
74% believe mobile devices increase security incidents
The number of personal mobile devices connecting to corporate networks has more than doubled in the past two years, according to Check Point. 74% of UK businesses (compared …
Featured news
Sponsored
Don't miss
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110)
- Learning from CrowdStrike’s quality assurance failures
- BIND 9.20 released: Enhanced DNSSEC support, application infrastructure improvements
- How CISOs enable ITDR approach through the principle of least privilege