privacy and security
It’s Time to Nervously Mock the 50 Worst Passwords of the Year

In spite of everything – the leaks, the breaches, the myriad privacy risks – a large majority of people are still using “password” and “123456” as their password. Folks, it’s long past time to stop taking security shortcuts. Read More >>

security
Password Managers Are Actually a Really Good Gift

The holidays are nearly here, and that means you may be scraping up loose change in your sofa cushions for any gift-giving you plan to be doing this season. But the best gift you can give your loved ones this year – be they friends, family, or secret Santa pals – is a password manager. Read More >>

twitter
How to Use Twitter’s Best Security Feature

Twitter just made a huge adjustment to its best security feature. And now, you won’t have to hand your phone number over to Jack to use it. Read More >>

disney plus
Disney+ Has a Hacking Problem

Disney+ had a rocky launch last week, with technical issues and customer service complaints galore. Now, it looks as though Disney+ has a hacking problem as well. Read More >>

passwords
Google is Baking-in a Tool to Help Break Your Terrible Password Habits

Google is rolling out its handy Password Checkup tool to a wider audience because let’s be honest: how good is your password protocol? If you share your login credentials, re-use passwords across accounts (whether or not you perceive those accounts as low-risk), or use easy-to-guess passwords for any of your accounts, the answer is: probably not as strong as you think. Read More >>

security
Stop Using Hijacked Passwords That Google Already Told You Were Bad

In February, Google did us lazy bums a favour by adding a Password Checkup extension for Chrome. The way it works is the extension will send you a warning to change your password whenever logging-in to a site using a username or password that’s previously been leaked in a third-party data breach. This is all good, except for the part where Google conducted a study and found that a good chunk of people who installed the extension straight up ignored the warnings and kept reusing old, hijacked passwords. Read More >>

security
Mozilla’s Tweaking Firefox’s Password Manager to Tell You When Saved Logins Have Been Stolen

You can’t spend hours combing through archives of breached data to see if your login credentials were leaked, so Mozilla’s rebranded in-browser password manager, Lockwise, will soon notify users if their saved usernames or passwords were exposed in a data breach, and recommend that they change them. Read More >>

google
You Can Now Sign Into Your Google Account on iOS Using an Android Phone

Google has been on a quest to kill the password, so in its latest efforts to further that agenda, the tech giant has now made it possible to log into your Google account on iOS devices by using an Android phone. Read More >>

privacy
Facebook Asked Some Users for Their Email Passwords, Then ‘Unintentionally Uploaded’ 1.5 Million Contact Lists Without Consent

Last month, Facebook admitted that it was asking some users who signed up on desktop while using email addresses not supporting the OAuth open standard to give them the passwords to their email accounts – with options to avoid doing so hidden in a “Need Help?” sub-menu. Now the social media giant has admitted that yes, it did “unintentionally” upload contact lists from up to 1.5 million of those email accounts to Facebook, without their owners’ consent or knowledge. Read More >>

security
New Super-Secure Wifi is Actually Full of Security Holes

When the Wi-Fi Alliance released its next-generation WPA3 wifi security protocol last January, it was touted as being nigh impossible to crack. That made it a serious upgrade over WPA2, the current protocol used by modern wifi networks – including the one you’re probably reading this on. Except, researchers last week published findings that show WPA3 actually has several serious design flaws that leave it vulnerable to the same attacks that plagued WPA2. Read More >>

facebook
Facebook Is Just Casually Asking Some New Users for Their Email Passwords

Facebook has been prompting some users registering for the first time to hand over the passwords to their email accounts, the Daily Beast reported on Tuesday — a practice that blares right past questionable and into “beyond sketchy” territory, security consultant Jake Williams told the Beast. Read More >>

cybersecurity
Why ‘ji32k7au4a83’ Is a Remarkably Common Password

For too many people, moving the digits around in some variation of Football69Lover is their idea of a strong password. So you might expect something complicated like” “ji32k7au4a83” would be a great password. But according to the data breach repository Have I Been Pwned (HIBP), it shows up more often than one might expect. Read More >>

security
MWC 2019: Startup Wants to Replace Passwords With Pins on Pictures

There are a lot of problems with passwords, and that's why the tech industry has been doing their best to try and eliminate the things forever. Not only can they be hard to remember, they're not really all that secure. Certainly not if you just use the same password for everything. One startup has an interesting idea, though. What if your password was bits of a picture? Read More >>

google
Google’s New Chrome Extension Warns You If Your Passwords Have Been Exposed

Google is rolling out two new tools to help the password-challenged beef up their security game. The first is a Chrome extension called Password Checkup that can identify if you’re using a password that’s been exposed in a third-party data breach. The second is a feature called Cross Account Protection, which helps protect apps you’ve signed into with your Google account. Read More >>

crypto
Crypto Exchange Says It Can’t Repay £145 Million to Clients After Founder Dies With Only Password

Canadian crypto exchange QuadrigaCX says it cannot repay most of $190 million (£145m) in client holdings after its 30-year-old founder Gerald Cotten, the only person who knew the passwords to its “cold storage,” unexpectedly died in India in December 2018, Coindesk reported on Friday. Read More >>