authentication
New details about Target breach come to light
As data dumps of cards stolen in the Target breach continue to be sold on underground cybercrime forums, and the stolen information is being used to perform unauthorised …
Which e-commerce sites do more to protect your password?
Consumers increasingly share their personal data, including payment information, with a growing number of e-retailers. The keys that protect their personal data are the …
New Snapchat CAPTCHA system hacked in record time
The revelation that usernames and phone numbers of some 4.6 million Snapchat users have been compromised marked a very bad start of the year for the company behind the popular …
Financial sector needs non-replicable, single-use credentials
Different tokens, devices, mobile phones, e-signatures, etc. are used to authenticate our e-identities. Yet, some financial institutions are still not considering the risk of …
Starbucks iOS app stores passwords in clear text
A security researcher has discovered that Starbuck’s iOS mobile application stores users’ usernames, email address and passwords in clear text, and has tried to …
Key trends for identity and access management
CA Technologies announced its predictions in identity and access management (IAM) and their impact on security professionals in 2014. “We believe that the technology …
OpenSSL site hack wasn’t the result of vulnerability exploitation
After a few days of speculations fuelled by a not clear enough explanation, the OpenSSL Foundation has confirmed that the late December defacement of its Openssl.org website …
BYOD and biometrics in the enterprise – ally or enemy?
BYOD continues its victory march as the enabler of choice among employees juggling increasingly intertwined home and work lives – for IT managers however it is the stuff …
Lessons learned in password security 2013
As 2013 comes to a close, it’s time to reflect on a year of change for password security and the implications for the year ahead. Large scale security breaches this year …
Authentication using visual codes: what can go wrong
Several password replacement schemes have been suggested that use a visual code to log in. However the visual code can often be relayed, which opens up a major vulnerability. …
Building an OATH-compliant authentication server for less than $100
Using a Raspberry Pi nanocomputer and the multiOTP open source library, André Liechti showcases how to how to create an OATH-compliant authentication server at PasswordsCon …
Easy-to-remember, difficult-to-crack passwords via visual cues
A group of researchers from Carnegie Mellon University’s School of Computer Science believe they might have solved the problem of choosing and, above all, remembering …
Featured news
Resources
Don't miss
- Critical SAP NetWeaver flaw exploited by suspected initial access broker (CVE-2025-31324)
- Threat actors are scanning your environment, even if you’re not
- GoSearch: Open-source OSINT tool for uncovering digital footprints
- Rack Ruby vulnerability could reveal secrets to attackers (CVE-2025-27610)
- Top must-visit companies at RSAC 2025