passwords   14060

« earlier    

The Tech That Our Security Experts Use to Be Digitally Secure - The New York Times
How do New York Times staff members use technology in their jobs and in their personal lives? Bill McKinley, executive director of information security, and Runa Sandvik, director of information security, discuss the technology they are using.
What are your biggest concerns about security of The Times’s newsroom these days?
This is a difficult challenge for us. The landscape is ever-changing and the threats we see today will likely evolve into something more difficult to defend against tomorrow. Our mission is to help the newsroom protect its communications, data and sources.
Last year, we helped set up The Times’s Tips page, which includes SecureDrop, outlined ways to safely work with the information we receive and built a security awareness program that is unique to the newsroom. We provide tools, training and focus on helping the journalists address the challenges that they are facing.
However, tools and processes will only get us so far. The biggest concern will always be that a source is burned or that a journalist’s life is in danger.
technology  nytimes  security  privacy  IT/IS  passwords  1password  2FA  signal 
2 days ago by rgl7194
Thoughts about passwords on Computer Security Day - Unclutterer
According to those online calendars with daily “holiday” listings — Sandwich Day, Love Your Red Hair Day, etc. — today is Computer Security Day. Since computers are vital organizing tools for so many of us, this specific holiday caught my attention.
While I can’t find any computer security organizations promoting this event, I did read this advice on
One very important thing to do for your online security is to have strong passwords and keep them updated regularly, as this reduces the chances of your personal data falling into the wrong hands. ….
One strategy is to mix upper and lowercase letters with symbols, as this can be harder to guess and also difficult to hack – and passwords increase in difficulty the longer they are. … And don’t use the same password over and over for every online account you have – this ensures that if someone manages to get into one of your accounts, then they can access all of your accounts. Bad idea. So make strong passwords, don’t recycle them, and update them regularly.
passwords  security  privacy 
2 days ago by rgl7194
Passwords - Service Manual - GOV.UK
How to help users to create memorable and secure passwords.
passwords  pattern-library  patterns  forms  input 
4 days ago by joshwayne
Apple Patches MacOS High Sierra Login Vulnerability - SecureMac
“Is Apple getting sloppy?”
That was the headline of a BBC article published on Wednesday, November 29th, 2017, reporting the discovery of a major security issue in Apple’s MacOS High Sierra operating system. It seems that a bug within the OS made it possible for anyone to access a High Sierra computer by exploiting a simple login loophole.
Usually, when you login as a user on a Mac, you must enter your username and password. On machines running High Sierra, though, it was possible to enter “root” as the username, leave the password field blank, and then click the login button several times in succession. This process allowed someone to access a Mac computer running High Sierra—even if they didn’t have an actual username or password – and worse yet, as root!
The vulnerability garnered global attention on Tuesday, November 28th, when software developer Lemi Orhan Ergin tweeted a message to Apple Support to report the problem. Apple quickly responded to Ergin’s tweet and set to work developing a patch to fix the issue.
0day  10.13  bug  macOS  passwords  privacy  root  security 
4 days ago by rgl7194
Updating macOS can bring back the nasty “root” security bug | Ars Technica
The security fix was rolled back when users updated to macOS 10.13.1.
The serious and surprising root security bug in macOS High Sierra is back for some users, shortly after Apple declared it fixed. Users who had not installed macOS 10.13.1 (and thus were running a prior version of the OS when they received the security update) found that installing 10.13.1 resurfaced the bug, according to a report from Wired.
For these users, the security update can be installed again (in fact, it would be automatically installed at some point) after updating to the new version of the operating system. However, the bug is not fixed in that case until the user reboots the computer. Many users do not reboot their computers for days or even weeks at a time, and Apple's support documentation did not, at first, inform users that they needed to reboot. So some people may have been left vulnerable without realizing it. The documentation has been updated with the reboot step now.
0day  10.13  bug  macOS  passwords  privacy  root  security 
4 days ago by rgl7194
Uses This / Jillian C. York
Who are you, and what do you do?
Hi! I'm Jillian C. York, and I'm a writer and activist whose work explores the impact of surveillance and censorship on marginalized communities. Most of that work is with the Electronic Frontier Foundation and my main project there,, and I also do quite a bit of writing and public speaking.
I've been based in Berlin for the past three years, and I don't think I'll ever love a city more than this one. You can be whomever or whatever you want in Berlin. I love my communities here, and the fact that I can carry a beer wherever I want, and the fact that the city is really pretty diverse when you delve into it.
setup  EFF  writing  macbook  iphone  tor  browser  passwords  signal  icloud  music 
6 days ago by rgl7194

« earlier    

related tags

+++  0day  10.13  1password  2fa  access  account  accounts  api  app  apple  apps  argon2  authentication  backups  bitwarden  breach  browser  bug  cli  cms  command  comparison  computers  crossplatform  crypto  cryptography  cybersecurity  daring_fireball  data  dissentingopinion  dropbox  eff  email  encrypt  encryption  enterprise  entropy  esh-anvilon  exploits  facebook  faceid  family  firefox  firefox_add-ons  forms  funny  git  github  golang  google  horrorstories  humor  icloud  infosec  input  interacting  ios  ios11  iot  iphone  irc  it/is  jet  keepassx  keychain  keylogging  keys  krebs  lastpass  line  linux  macbook  macos  manager  music  nadinedorries  nytimes  one-time  online  opensource  orgbehavior  osx-daily  otp  paper  parliament  passphrase  passpoems  password-manager  password  password_managers  passwordmanager  passwordmanagers  pattern-library  patterns  pdf  phishing  php  politics  practical  privacy  recovery  redhat  report  reset-process  rhel  root  scripts  secrets  security  setup  shared  signal  snubs  software  storage  support  technology  threat_model  tips  tools  tor  touchid  twitter  web  webdev  wi-fi  writing  xkcd 

Copy this bookmark: