passwords   14743

« earlier    

mnussbaum/PassHUD: A HUD-style interface for pass on macOS
A HUD-style interface for pass on macOS. Contribute to mnussbaum/PassHUD development by creating an account on GitHub.
mac  passwords 
6 days ago by geetarista
Stay Efficient and Organized with a Password Manager | The Startup Finance Blog
Think about what would happen if someone could guess all your passwords. They’d get at your email, they’d be able to order things from Amazon on your credit card, they’d have access to your contacts and calendars, and even to your bank accounts.
Most Commonly Used Passwords
For many people, passwords are an afterthought. The most commonly used passwords are things like 123456, password, qwerty, letmein, iloveyou, and starwars. And 4 percent of people – that’s one out of every twenty-five of your friends and co-workers – used 123456 to protect accounts. And others still leave passwords on sticky notes on their monitor or desk.
With the many data breaches that have exposed peoples’ email addresses, user names, and passwords, all available to hackers willing to spend a few bucks, it is increasingly foolish to use a simple password. But the downside of this is that it is hard to remember a password like DqAJt4acfJ3owB; it’s easier to remember your pet’s name or the name of your favorite Game of Thrones character or sports team.
security  privacy  passwords  1password 
8 days ago by rgl7194
How to enable the root user on your Mac or change your root password - Apple Support
How to enable the root user on your Mac or change your root password
Mac administrators can use the root user account to perform tasks that require access to more areas of the system.
The user account named ”root” is a superuser with read and write privileges to more areas of the system, including files in other macOS user accounts. The root user is disabled by default. If you can log in to your Mac with an administrator account, you can enable the root user, then log in as the root user to complete your task.
The root user account is not intended for routine use. Its privileges allow changes to files that are required by your Mac. To undo such changes, you might need to reinstall your system software. You should disable the root user after completing your task. 
It's safer to use the sudo command in Terminal instead of enabling the root user. To learn about sudo, open the Terminal app and enter man sudo.
mac  unix  security  root  passwords  howto  support  prefs 
10 days ago by rgl7194
Real-Time Attacks Against Two-Factor Authentication - Schneier on Security
Attackers are targeting two-factor authentication systems:
Attackers working on behalf of the Iranian government collected detailed information on targets and used that knowledge to write spear-phishing emails that were tailored to the targets' level of operational security, researchers with security firm Certfa Lab said in a blog post. The emails contained a hidden image that alerted the attackers in real time when targets viewed the messages. When targets entered passwords into a fake Gmail or Yahoo security page, the attackers would almost simultaneously enter the credentials into a real login page. In the event targets' accounts were protected by 2fa, the attackers redirected targets to a new page that requested a one-time password.
This isn't new. I wrote about this exact attack in 2005 and 2009.
phishing  email  2FA  security  privacy  passwords 
10 days ago by rgl7194
123456 Is the Most Used Password for the 5th Year in a Row
For the 5th year in a row, "123456" is most used password, with "password" coming in at second place. Even in the wake of a constant stream of data breaches, hacks, and ransomware attack reports people continue to utilize weak passwords that not only put their information at jeopardy, but also their organization's data.
In SplashData's 8th annual worst passwords list, the password management company analyzed more than 5 million leaked passwords to come up with their list of most used passwords. According to their report, the top 10 most used passwords are:
"Bad habits die hard, according to SplashData’s eighth annual list of Worst Passwords of the Year," stated SplashData's press release. "After evaluating more than 5 million passwords leaked on the Internet, the company found that computer users continue using the same predictable, easily guessable passwords. Using these passwords will put anyone at substantial risk of being hacked and having their identities stolen."
security  privacy  passwords  top_ten 
10 days ago by rgl7194
New Year’s Resolutions to Check that Your Mac and iOS Devices Are Secure | The Mac Security Blog
Everyone knows that New Year's resolutions don't always stick. You may decide to join a gym or start a diet, and by February, you've slipped from your goal. But there are some New Year's resolutions that you can use to check the security and your Mac and iOS devices. Here's a selection of simple things you can do to make sure your devices are as secure as possible. (Listen to episode 64 of the Intego Mac Podcast where I discuss these and other tips with my co-host Josh Long.)
security  privacy  mac  ios  passwords  watch  filevault  airdrop  faceID  notifications  siri  podcast 
11 days ago by rgl7194
Who Is Agent Tesla? — Krebs on Security
A powerful, easy-to-use password stealing program known as Agent Tesla has been infecting computers since 2014, but recently this malware strain has seen a surge in popularity — attracting more than 6,300 customers who pay subscription fees to license the software. Although Agent Tesla includes a multitude of features designed to help it remain undetected on host computers, the malware’s apparent creator seems to have done little to hide his real-life identity.
The proprietors of Agent Tesla market their product at agenttesla-dot-com, selling access to the software in licenses paid for via bitcoin, for prices ranging from $15 to $69 depending on the desired features.
The Agent Tesla Web site emphasizes that the software is strictly “for monitoring your personel [sic] computer.” The site’s “about” page states that Agent Tesla “is not a malware. Please, don’t use for computers which is not access permission.” To backstop this disclaimer, the site warns that any users caught doing otherwise will have their software licenses revoked and subscriptions canceled.
privacy  security  krebs  tesla  passwords  malware 
12 days ago by rgl7194
A Breach, or Just a Forced Password Reset? — Krebs on Security
Software giant Citrix Systems recently forced a password reset for many users of its Sharefile content collaboration service, warning it would be doing this on a regular basis in response to password-guessing attacks that target people who re-use passwords across multiple Web sites. Many Sharefile users interpreted this as a breach at Citrix and/or Sharefile, but the company maintains that’s not the case. Here’s a closer look at what happened, and some ideas about how to avoid a repeat of this scenario going forward.
The notice sent to ShareFile users looked like this...
Dozens of readers forwarded the above message to KrebsOnSecurity, saying they didn’t understand the reasoning for the mass password reset and that they suspected a breach at ShareFile.
I reached out to ShareFile and asked them point blank whether this reset effort was in response to any sort of intrusion at Citrix or ShareFile; they said no. I asked if this notice had been sent to everyone, and inquired whether ShareFile offers any form(s) of multi-factor authentication options that customers could use to supplement the security of passwords.
security  privacy  passwords  breach  krebs  business  2FA 
12 days ago by rgl7194
Password Rules / UITextInputPasswordRules
iOS 12 and macOS Mojave allow apps and websites to declaratively specify their password requirements, such that the operating systems can automatically suggest passwords that conform. This article shows exactly how.
ios  macOS  security  passwords 
12 days ago by irace

« earlier    

related tags

&  ++  (2fa)  (mfa)  1password  2018  27%  2fa  510  access  accessibility  activedirectory  advice  airdrop  algorithm  already  api  apple  application  apps  authentication  awareness  aws  backdoors  bestpractice  biometric  bitwarden  breach  bug  business  cameras  canada  charger  cli  cloudnative  collaboration  commandline  computer  crack  cracked  credentials  credit_freeze  crossword  crypto  cryptography  dashlane  data  dec18  design  desktop  devices  domestic_surveillance  dopost  education  email  encrypt  encrypted  encryptedpasswordsarenotsafe  encryption  ephemeral  facebook  faceid  filevault  fingerprint  firefox  forms  fraud  from  funny  gentoo  git  github  gkeyring  gnome  gpg  hacker-news-comments  hacking  hash  helm  hn-comments  howto  humor  icloud  id  identity  image  infosec  internet  internetofshit  interview  ios  ios12  iot  javascript  jenkins  john-hall  k8s  keepass  keepassx  keyring  krebs  kubernetes  lastpass  library  linux  mac  macos  malware  management  manager  mozilla  multifactor  netmux  notes  notifications  of  opensource  openssl  opsec  osint  passphrase  password-manager  password-managers  password  password_managers  passwordless  passwordmanagement  passwordmanager  phishing  podcast  prefs  presentation  prevention  privacy  protection  puzzle  python  redaction  reset  reuse  ricky-mondello  root  salem  saltedandhashed  samba  scale  secrets  security  sharing  siri  smarthome  smb  smbpasswd  software  splashdata  ssl  standards  support  tesla  tools  top_ten  touchid  town  travel  two-factor  ui/ux  unix  usb  ux  video  vpn  web  webapp  webapps  webcams  wi-fi  windows  words  watch 

Copy this bookmark: