jeancf · @jeancf
286 followers · 688 posts · Server noc.socialDo not trust anyone to store your passwords safely.
https://krebsonsecurity.com/2023/09/experts-fear-crooks-are-cracking-keys-stolen-in-lastpass-breach/
Use password hashers instead:
Firefox: https://addons.mozilla.org/en-US/firefox/addon/quantum-hasher/
Chrome: https://chrome.google.com/webstore/detail/pawhash/adgekjfphhgngpdoklolpjenmgneobfg
#security #breach #passwords #password
Joe Ortiz · @joeo10
439 followers · 6027 posts · Server mastodon.sdf.orgWow, the #LastPass fiasco looks even worse now that the people responsible for it's hack has cracked some of the stolen vault keys. More in this piece from @briankrebs: https://krebsonsecurity.com/2023/09/experts-fear-crooks-are-cracking-keys-stolen-in-lastpass-breach/
And here's the accompanying thread https://infosec.exchange/@briankrebs/111015350823290724
It's another example into why you should only rely on offline solutions when picking a password manager, such as #KeePass #KeePassXC #KeepassDX and/or #Strongbox
#lastpass #keepass #keepassxc #keepassdx #strongbox #passwords #passwordmanager
Lee Hord · @leehord
6 followers · 91 posts · Server mas.toFinally migrated from 1Password to iCloud Keychain and I’ll can already see the benefits. Password and 2FA auto-filling is so much less clunkier. Don’t get me wrong I used to love 1Password, but recent successive releases have become increasingly unreliable, particularly the browser extensions. If you’ve been on the fence about switching I can confirm all is good.
#iCloudKeychain #1Password #Passwords #2FA
#2fa #passwords #1password #icloudkeychain
Osman · @osman
132 followers · 86 posts · Server hachyderm.io
“A year after the disastrous breach, LastPass has not improved”
https://palant.info/2023/09/05/a-year-after-the-disastrous-breach-lastpass-has-not-improved/
AI6YR · @ai6yr
4770 followers · 32833 posts · Server m.ai6yr.org#LastPass #cybersecurity Brian Krebs: "a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults." #passwords #encryption https://infosec.exchange/@briankrebs/111015350823290724
#lastpass #cybersecurity #passwords #encryption
🏁⚡Omar Two Tone⚡🏁 :verified: · @omartwotone
233 followers · 3245 posts · Server ioc.exchange
a "sophisticated" social engineering attack... LoL 🤪🤪
#cybersecurity #ciberawareness #lol #passwords
PrivacyDigest · @PrivacyDigest
569 followers · 2161 posts · Server mas.toMaker of ‘smart’ #chastity cage left users’ emails, #passwords and locations exposed | TechCrunch
#breach #security #privacy
https://techcrunch.com/2023/09/02/smart-chastity-cage-emails-passwords-location/
#privacy #security #breach #passwords #chastity
Benjamin Carr, Ph.D. 👨🏻💻🧬 · @BenjaminHCCarr
1032 followers · 2726 posts · Server hachyderm.io
#Freecycle confirms massive #databreach impacting 7 million users
The stolen information includes usernames, User IDs, email addresses, and MD5-hashed passwords, with no other information exposed, according to Freecycle.
https://www.bleepingcomputer.com/news/security/freecycle-confirms-massive-data-breach-impacting-7-million-users/
MD5 hashed #passwords, ugh, is it still 1999?
#freecycle #databreach #passwords
Philipp Waldhauer · @pwa
338 followers · 720 posts · Server norden.socialIch muss ja zugeben, dass ich eine sehr lange Zeit über ziemlich viele Passwörter im Chrome Password Manager speicherte, weil es einfach so komfortabel war. Mittlerweile funktioniert die 1Password-Extension aber doch irgendwie nochmal besser und ich werde wohl mal versuchen alles zu konsolidieren.
#security #passwords #1password
Joshua McNeill · @joshisanonymous
148 followers · 488 posts · Server h4.ioI feel like we need a better system for recovering lost #2FA tokens since saving a recovery code is the same as having a password and saving SMS/email info as alternatives defeats the purpose of 2FA...
#2fa #internet #internetsecurity #passwords
HamsterBoomer · @hamsterboomer
3 followers · 240 posts · Server sfba.socialThis Chrome extension can steal your passwords - and Google has no problem with it | TechRadar https://www.techradar.com/pro/security/this-chrome-extension-can-steal-your-passwords-and-google-has-no-problem-with-it #google #chrome #passwords
:rss: Hacker News · @ycombinator
54 followers · 5375 posts · Server rss-mstdn.studiofreesia.comChrome extensions can steal plaintext passwords from websites
https://www.bleepingcomputer.com/news/security/chrome-extensions-can-steal-plaintext-passwords-from-websites/
#ycombinator #computers #windows #linux #mac #support #tech_support #spyware #malware #virus #security #Browser_Extension #Chrome_extension #Chrome_Extension_Manifest_V3 #Extensions #Passwords #Plaintext_Password #virus_removal #malware_removal #computer_help #technical_support
#ycombinator #computers #windows #linux #mac #support #tech_support #spyware #malware #virus #security #browser_extension #chrome_extension #chrome_extension_manifest_v3 #extensions #passwords #plaintext_password #virus_removal #malware_removal #computer_help #technical_support
Aaron Toponce ⚛️:debian: · @atoponce
2496 followers · 5073 posts · Server fosstodon.orgFantastic read on #bcrypt 25 years later, by Niels Provos, one of its creators.
https://blog.apnic.net/2023/08/02/bcrypt-at-25-a-retrospective-on-password-security/
Scott Jenson · @scottjenson
3104 followers · 2194 posts · Server social.coopNIST has revised their guidelines on password restrictions. These were the guys back in 2003 that said at least 8 chars, 1 upper case, one number, one special char. Study after study has shown that this rule makes passwords less secure (read the article). But everyone keeps using this old antiquated rule.
Has anyone had any success in getting their team to stop doing this?
https://auth0.com/blog/dont-pass-on-the-new-nist-password-guidelines/
#UX #passwords
Aaron Toponce ⚛️:debian: · @atoponce
2497 followers · 5070 posts · Server fosstodon.org
Get your #Yubikey ready, WebAuthn will soon be a free feature for #Bitwarden users.
https://github.com/bitwarden/server/commit/6db02e2e5c1a49c24a053780c1b6f9ce9120764a
#bitwarden #passwords #yubikey
Aaron Toponce ⚛️:debian: · @atoponce
2495 followers · 5064 posts · Server fosstodon.orgDamien Miller has added timing keystroke obfuscation to #OpenSSH.
The advantage here is making it more difficult for a MITM to detect valid keystrokes out of the client, such as authenticating with #passwords.
#openssh #passwords #gnu #linux #unix #bsd
Aaron Toponce ⚛️:debian: · @atoponce
2495 followers · 5064 posts · Server fosstodon.org
Actually, I don't hate this. I mean, it's maybe a touch over-the-top, but not much.
Setting up my account at gitlab.gnome.org.
Mr.Trunk · @mrtrunk
10 followers · 18331 posts · Server dromedary.seedoubleyou.meTechcrunchSecurity: LogicMonitor customers hit by hackers, because of default passwords https://techcrunch.com/2023/08/31/logicmonitor-customers-hit-by-hackers-because-of-default-passwords/ #cybersecurity #LogicMonitor #databreach #Passwords #Security #hackers #infosec
#cybersecurity #logicmonitor #databreach #passwords #security #hackers #infosec
Mr.Trunk · @mrtrunk
10 followers · 18172 posts · Server dromedary.seedoubleyou.meBetanews: Chrome password sharing feature makes it easier to share login credentials... with limitations https://betanews.com/2023/08/31/chrome-password-sharing-feature-makes-it-easier-to-share-login-credentials-with-limitations/ #GoogleFamilyGroup #passwordsharing #sharepassword #Passwords #Security #Article #Browser #Chrome #Google
#googlefamilygroup #passwordsharing #sharepassword #passwords #security #article #browser #chrome #google
Alberto Bonacina 💙🐧 · @polilluminato
66 followers · 100 posts · Server fluttercommunity.socialRaise your hand if you have never used TOO easy credentials and passwords for your accounts, applications and demos. This interesting article from @bitwarden presents some hints for changing habits and getting your employees and contractors to change them as well #passwords #security #accounts https://bitwarden.com/blog/how-to-motivate-employees-to-use-strong-passwords/
#passwords #security #accounts