Whether your employer requires it or you're just a paranoid stonewall of personal security, two-step authentication simply does a better job at protecting your online life. But it adds a bit of hassle, too. Now, researchers are testing how to use ambient noises in your environment to confirm your identity, instead of codes texted to your phone.
Tagged With passwords
The FBI's Houston office is conducting an investigation into an alleged cyberattack against the Houston Astros by the St Louis Cardinals, according to a New York Times report today. It's the first time a pro sports team has hacked a rival (or the first time they have gotten caught), and involves — surprise! — a terrible, awful, embarrassing password mistake.
Hackers broke into popular password manager LastPass this week, which raises some obvious questions: If the service you use to protect your passwords from getting compromised gets compromised, should you still use it? Is it really wise to store all our passwords in the cloud?
If you have an Apple device new enough to have TouchID, you'll need to start thinking of new passcodes for iOS 9. Apple is getting rid of the four-digit passcode in its upcoming software upgrade.
Straight up too much time is spent punching a wide array of passwords for various apps onto the tiny text fields of our phones. Google's trying to fix that with the Identity Platform, new tools for developers to help keep users signed into their apps in a secure, hassle-free way.
Video: On Last Week Tonight with John Oliver, a long conversation with Edward Snowden wound up turning into advice on coming up with good passwords. The upshot? Passwords of eight characters or less are basically crackable in seconds. And the best password that Snowden could come up with was MargaretThatcherIs100%SEXY.
Passwords suck, so why not replace them with facial recognition software? Because facial recognition software still kind of sucks too, as Dan Moren discovered in Popular Science after a little craft project easily fooled his bank app.
The primary purpose of a password is to serve as an unique verification identifier for a given user. Ideally, the password for a given website or service should be both random and unique; if the letters and/or numbers in the password follow any patterns, then they might be easier to guess by an intruder. For example, someone may put their birth year such as "1987" or "1988" in their password, which makes the passwords easier to remember, but consequently easier to break.
Back in December, a consortium of tech companies adopted a new standard meant to usher in a more secure future without the hassle of passwords. On Friday, Microsoft announced that Windows 10 will incorporate those specifications, enabling exciting new biometric security features. Good job, Microsoft!
If you've ever worked in an office with someone who types like a jackhammer, it's obvious we all type a little differently. Now scientists have created a prototype of a keyboard that can identify users by their unique typing patterns. It could point to a next generation of passwords that don't just take into account what you're typing, but how.
Even though we all know better, and because we are a horrible, self-loathing species, human beings will forever insist on using insecure, awful passwords. Awful passwords that, apparently, we are more than happy to broadcast on television.
Somebody just uploaded a password-hacking tool called iDict to GitHub that promises to use good old fashioned brute force techniques to crack iCloud passwords. The tool also claims to be able to evade Apple's rate-limiting and two-factor authentication security that's supposed to prevent brute force attacks. But it's not quite as bad as it sounds.
The FIDO Alliance, whose members include everyone from Google to Samsung, just announced new password-free standards for regular and two-step authentication. In other words, the entire tech industry now has protocol for letting you sign into accounts without a password. Get ready for everything but typing out *****.