Google has been storing unhashed G Suite customer passwords
Google has discovered that it has been storing some G Suite users’ passwords in clear text and is notifying G Suite administrators that it will force a password change …
account protection
How effective are login challenges at preventing Google account takeovers?
Despite implementation bugs that might affect the security of physical security keys, they are the strongest protection against phishing currently available, Google maintains. …
Google offers free replacement for buggy Titan Security Keys
Misconfigured Bluetooth pairing protocols in Google’s Titan Security Keys may allow attackers to communicate with users’ security key or with the device their key …
Despite warnings, most people still don’t change their passwords
64% of people use the same password for some, or even all, of their online accounts, while only 21% use a different password for each account. These startling findings come …
Indicators of poor password hygiene exposed
The recovered compromised credentials and personally identifiable information (PII) as well as the identified trends in online security habits and the data criminals tend to …
OkCupid account hijackings highlight website account management issues
Users of popular dating site OkCupid have been complaining of hackers taking over their account, locking them out by changing the associated email address and password, and …
Mitigating the risk of Office 365 account hijacking
Office 365 – the online, subscription-based version of Microsoft’s Office application suite – is one the most widely used enterprise cloud applications/services, …
Firefox Monitor tells you whether your email was compromised in a data breach
After a few months of user testing, Mozilla has launched Firefox Monitor, a free online service that allows users to check whether their email address was involved in a …
AT&T sued for enabling SIM swap fraud
A cryptocurrency investor is suing AT&T because criminals were able to empty his accounts through SIM swap fraud (aka account port out fraud), even though he had already …
After extensive testing, Google introduces the Titan Security Key
Google recently shared that since it made employees use physical security keys instead of passwords and one-time codes, none of them – and there are over 85,000 – …
