9 Best Articles in 2022
Guardian Tech
RIP passwords: new web standard designed to replace login method
Guardian Tech
3 min read · From 2018 · WebAuthn will eliminate need for passwords by moving to methods of authentication such as biometrics, says web standards controller
Shared by 131, including Merkstatt, Ryan Hulland, Oliver Raduner, Joe Lencioni, Marcus Schwarze 🚀, Michael Sumner, John Hues, Vincent Liu, Tauno, Miguel, Trae Blain, 𝐦𝐫𝐯𝐧
ncsc.gov.uk
Let them paste passwords
ncsc.gov.uk
6 min read · From 2017 · Allow your website to accept pasted passwords - it makes your site more secure, not less.
Reader View · Shared by 63, including Ryan Boren, Troy Hunt, Dennis Lembrée, jean marc manach, Patrick Sanwikarja, Privacy Matters 🇬🇧🇮🇪🇪🇺🌻, Esther Schindler, Carl Morris, Neira Jones
HackerNoon | Learn Any Technology
I’m harvesting credit card numbers and passwords from your site. Here’s how.
HackerNoon | Learn Any Technology
~12 min read · From 2018 · The following is a true story. Or maybe it’s just based on a true story. Perhaps it’s not true at all.
Reader View · Shared by 643, including Massimiliano Aroffo, Mara Averick, Rodrigo Franco (Caffo), David Smooke, Werner Vogels, Thomas Power, Chris Roth, 𝐦𝐫𝐯𝐧 , Diego Paladino, Zain Fathoni, Ha Duong, Dirk Spannaus, Aleyda Solis 🇺🇦, Helmi, Tris Hussey, Barnaby Skinner, Eric L. Barnes, Marcus Kuhn, Nils Hitze, Tarik ESSAADI
Ars Technica
How Apple, Google, and Microsoft will kill passwords and phishing in 1 stroke
Ars Technica
6 min read · May 6th · You've heard for years that easier, more secure logins are imminent. That day is here.
Reader View · Shared by 499, including anildash, Theodora (Theo) Lau - 劉䂀曼 🌻, Jennifer Ouellette
Troy Hunt
I've Just Launched "Pwned Passwords" V2 With Half a Billion Passwords for Download
Troy Hunt
20+ min read · From 2018 · Last August, I launched a little feature within Have I Been Pwned (HIBP) I called Pwned Passwords. This was a list of 320 million passwords from a range of different data breaches which organisations…
Reader View · Shared by 61, including Tibor Martini 🇺🇦, Donneker, Mark Kaigwa, Miguel
Troy Hunt
Passwords Evolved: Authentication Guidance for the Modern Era
Troy Hunt
~18 min read · From 2017 · In the beginning, things were simple: you had two strings (a username and a password) and if someone knew both of them, they could log in. Easy. But the ecosystem in which they were used was simple…
Reader View · Shared by 117, including Daniel Bentes, Massimiliano Aroffo, Jacob du Toit, César Suárez, blinch, Bryan Onel, Mike Hewitson, Tillmann Allmer, Kenneth Kalmer, Vikram Dutt
bleepingcomputer.com
LastPass users warned their master passwords are compromised
bleepingcomputer.com
2 min read · 2021-12-28 · Many LastPass users report that their master passwords have been compromised after receiving email warnings that someone tried to use them to log into their accounts from unknown locations.
Reader View · Shared by 74, including Michael Donohoe, Shelly Kramer, BleepingComputer, Steve "ardalis" Smith
DEV Community 👩💻👨💻
How to Process Passwords as a Software Developer
DEV Community 👩💻👨💻
2 min read · From 2019 · Passwords are still the primary method of authentication today, in a form of some...
Reader View · Shared by 70, including Donneker, René Stalder, Clemens, Massimiliano Aroffo, sascha aßbach
Facebook Newsroom
Keeping Passwords Secure
Facebook Newsroom
2 min read · From 2019 · As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems. We have fixed these issues and as a…
Reader View · Shared by 52, including Ian Lurie 🇺🇦, Chris Messina, Mathew Ingram, Mari Smith, briankrebs, Johannes Lenz
Trending
Ars Technica
How Apple, Google, and Microsoft will kill passwords and phishing in 1 stroke
Ars Technica
6 min read · May 6th · You've heard for years that easier, more secure logins are imminent. That day is here.
Reader View · Shared by 499, including anildash, Theodora (Theo) Lau - 劉䂀曼 🌻, Jennifer Ouellette
Popular Science
Here's why your brain won't let you remember new passwords
Popular Science
2 min read · Jun 15th · Behavioral psychology researchers found that information given close attention may not enter an individual's working memory.
Reader View · Shared by 91
briankrebs
Your Phone May Soon Replace Many of Your Passwords
briankrebs
4 min read · May 7th · Apple, Google and Microsoft announced this week they will soon support an approach to authentication that avoids passwords altogether, and instead requires users to merely unlock their smartphones to…
Reader View · Shared by 22, including Shelly Kramer, Evan Kirstel the $B2B Techfluencer
Android Police
Bitwarden now lets you generate fake alias email addresses in addition to passwords
Android Police
2 min read · Jun 2nd · The popular open-source password manager is working with Firefox Relay and more to make this possible
Reader View · Shared by 71
More like this
tomanthony.co.uk
Zoom Security Exploit – Cracking private meeting passwords
tomanthony.co.uk
8 min read · 2020-07-29 · Short version:Zoom meetings were default protected by a 6 digit numeric password, meaning 1 million maximum passwords. I discovered a vulnerability in the Zoom web client that allowed checking if a…
Reader View · Shared by 51
The New York Times
Lost Passwords Lock Millionaires Out of Their Bitcoin Fortunes
The New York Times
6 min read · 2021-01-12 · Bitcoin owners are getting rich because the cryptocurrency has soared. But what happens when you can’t access that wealth because you forgot the password to your digital wallet?
Reader View · Shared by 254, including Chris Gledhill | gledhill.eth, Kevin Roose, Mike Allton, William Gibson, Kashmir Hill, Catherine Rampell, Scott Hanselman 🇺🇦, Christina Sommers, Jason Fried, Polina, Leo Polovets, Cameron Winklevoss, Laura Shin, ljubljana scumbag, Peter McCormack ☠️, Adam Singer, Tyler Winklevoss, Chris Skinner, Jason Zweig, Theodora (Theo) Lau - 劉䂀曼 🌻
WIRED
Facebook Stored Millions of Passwords in Plaintext—Change Yours Now
WIRED
4 min read · From 2019 · The social network kept hundreds of millions of user passwords unscrambled, and employees could search them.
Shared by 47, including ɐpuɐʎᴉW ᴉʇɐʍɥǝN, Matt Navarra, Debbie Meier ✍️⚖️, Nils Hitze, Corvida 🏳️🌈, Backchannel, Merkstatt
github.com
beurtschipper/Depix
github.com
2020-12-06 · Recovers passwords from pixelized screenshots. Contribute to beurtschipper/Depix development by creating an account on GitHub.
Shared by 181, including Pete Skomoroch, Chris Heilmann, Jeff Atwood, Alex J. Champandard, Maurits Martijn, Mike Rundle, Yves Mulkers, Dave Cheney, Nils Hitze, Damian Gryski, Benedict Evans, Ken Schwencke, pןɐʍuɐƃɐɹ, Kenneth Kalmer, AIKing.Eth - Vincent Boucher, Peter Steinberger, Matthias Lampe, hardmaru, Christopher Lauer, Tom Raftery 🇮🇪🇪🇸🇪🇺🇺🇦💉💉💉
The Washington Post
Nearly 25,000 email addresses and passwords allegedly from NIH, WHO, Gates Foundation and others are dumped online
The Washington Post
From 2020 · Thousands of alleged email addresses and passwords linked to prominent organizations battling the coronavirus pandemic have been dumped on the Internet, where they almost immediately were used to foment hacking attempts and harassment by far-right extremists.
Shared by 38, including Oliver Raduner, @NFT_NYC #NFTNYC R.NFT R “Ray” Wang 王瑞光 #Metaverse, Theodora (Theo) Lau - 劉䂀曼 🌻, Dean Baker, Korben, 🟣 Antonio Vieira Santos #FutureOfWork, Carl Zimmer, Deborah Blum
The Verge
Google is making it easier to check if your passwords have been compromised in a data breach
The Verge
3 min read · From 2019 · Google also checks for reused and weak passwords.
Reader View · Shared by 35, including Evan Kirstel the $B2B Techfluencer, Eric Seufert, Merkstatt, Peter Schmidhuber, Matthias Meyer
Ars Technica
This 11-year-old is selling cryptographically secure passwords for $2 each
Ars Technica
3 min read · From 2015 · Girl makes Diceware passwords, rolled with real dice, written by hand, sent by mail.
Reader View · Shared by 38, including Helmi, Florian Hanke 🍎, Jeff Heuer, julian 🚮✨, Tom Connor, Greg Meyer, Thomas Power
Dropbox
How Dropbox securely stores your passwords
Dropbox
3 min read · From 2016 · It’s universally acknowledged that it’s a bad idea to store plain-text passwords. If a database containing plain-text passwords is compromised, user accounts are in immediate danger.
Reader View · Shared by 30, including Diogo Mónica, Troy Hunt, 𝗖𝗵𝗮𝗻𝗻𝗶𝗻𝗴 Walton
CNBC
Most common passwords hackers leak on the dark web: Lookout report
CNBC
2 min read · Feb 27th · Mobile security firm Lookout has a new list of the 20 passwords most commonly found in leaked account information on the dark web. Some are surprisingly easy to guess.
Reader View · Shared by 32, including Deb Lee, George J Huba PhD, Kirk Borne, Marsha Collier, LARRY ELKAN