Posts Tagged ‘passwords’
Thursday, February 14th, 2013
Major security breaches occur in quick succession one after another. Is it a chain reaction? How do we stop it?
- January 2012: Zappos hacked, 24 million accounts accessed
- June 2012: 6.5 Million encrypted LinkedIn passwords leaked online
- July 2012: 420,000 Formspring passwords compromised in security breach
- July 2012: Yahoo! Mail hacked
- August 2012: Dropbox hacked, user accounts database leaked.
- August 2012: Blizzard Battle.net hacked, user accounts leaked.
- September 2012: Private BitTorrent tracker hacked, passwords leaked by Afghani hackers
- September 2012: Over 30,000 usernames and passwords leaked from private torrent tracker RevolutionTT
- September 2012: IEEE admits password leak, says problem fixed
- November 2012: Adobe Connect Security Breach Exposes Personal Data of 150K Users
- November 2012: Security breach hits Amazon.co.uk , 628 user id and password leaked
- November 2012: Anonymous claims they hacked PayPal’s servers, leaks thousands of passwords online
- December 2012: 100 million usernames and passwords compromised in a massive hack of multiple popular Chinese Web sites
- January 2013: Yahoo! Mail hacked (again).
- February 2013: Twitter breach leaks emails, passwords of 250,000 users
Tags: Blizzard, passwords, Security breach, Yahoo!
Posted in General, Human Factor, Security, Tips & Tricks | No Comments »
Friday, September 17th, 2010
XKCD posted quite nice comics with a reallife problem behind them. It is very likely that some Web-services do as described, either sell such info to third parties or use it for evil purposes. Our recommendation is if you cannot trust some of the websites, choose another unique password for them. It would be even wiser if you had different passwords for all websites you visit. Some even unimportant websites can aslo be cracked and even if they (better to say your data stored there) have no value at all, your password, can be tried for Facebook or LinkedIn, hopefully in vain. 
Tags: passwords, Secure Passwords, XKCD
Posted in General | No Comments »
Tuesday, July 7th, 2009
.jpg)
Ever heard of password masking problem? To be honest, I have not – until I’ve read the Stop Password Masking article by Jakob Nielsen (somewhere referred to as "usability guru"), followed by a lot of other publications, blog posts and comments (see ‘em all); so-called security guru Bruce Schneier wrote even two essays on that.
Well, that reminded me of a very funny stupid CAPSoff Campaign…
In brief, here is the "problem": for years (I think starting from Windows 3.0 released almost 20 years ago), the passwords are being masked as you type them (in most programs what have any kind of password protection, and an operating system itself), i.e. replaced with asterisks or black circles. What for? To prevent the password from being read by someone who stands behind you.
(more…)
Tags: Bruce Schneier, Jakob Nielsen, password masking, password recovery, password security, passwords, PGP
Posted in General, Human Factor, Security, Software, Tips & Tricks | 3 Comments »
Wednesday, June 3rd, 2009
ElcomSoft is launching a survey intended to collect more information on how people handle their passwords, which remain a major way for user authentication. Whether you are ElcomSoft customer or haven’t seriously thought about password security, we hope you will answer our questions.
The questionnaire is well designed and if you have no time you can simply tick the matching answers which are prepared for your convenience. If you have a special experience to share or lots of thoughts on passwords, please take a while and use empty spaces provided for your own answers.
The survey is set to run for several weeks in order to cover more people, for we understand that summer is the best season for vacations. After the survey is completed and results calculated, we will release a full report with facts and figures. We tried to put sensible questions in the belief that results’ analysis will help us find out which questions should be better and more deeply highlighted in our articles, whitepapers, as well as in our blog.
This is the first our empirical research and we hope you will find it interesting and enjoyable. You definitely have your own opinion on passwords, and as you understand this survey is a perfect way for you to share that opinion. So what do you think? Be frank and open, take the questionnaire, and help us let others know about it.
Tags: password management, password security, passwords, survey
Posted in Elcom-News, General, Human Factor, Security | 1 Comment »
Wednesday, May 20th, 2009
Although it is widely known that authentication via ‘secret’ questions is not secure, now we finally have statistical evidence to prove it. Microsoft Research and Carnegie Mellon University have conducted a study that measures how guessable answers to ‘secret’ questions are. The researchers looked at the questions used by AOL, Google, Microsoft, and Yahoo! in order to authenticate users who need to reset their forgotten passwords. The ability of users to memorize their answers was also questioned. (more…)
Tags: AOL, Google, guessing attack, Microsoft, passwords, research, secret questions, user authentication, Yahoo!
Posted in General, Human Factor, Security | No Comments »
Tuesday, April 28th, 2009
Last week a colleague of mine, Andrey Belenko, gave a speech at the Troopers conference in Munich. Olga wrote about it in this blog. All the talks at Troopers were awesome. Soon the videos and slide shows will be available for downloading on Troopers website.
If you have an opportunity, visit Andrey’s talk about green password recovery at Infosec, London. It’s on Wednesday, April 29th, at 15:20, at the Technical Theare. Also visit our booth K35 at Earls Court for free software trials.
Tags: GPU, GPU Accleration, Infosecurity, passwords, Speech, TROOPERS
Posted in General, Security | No Comments »
Thursday, April 16th, 2009
No, it’s no a typo 
. COFEE means Computer Online Forensic Evidence Extractor, actually. Never heard about it? Then read Microsoft supplies Interpol with DIY forensics tool. Just don’t ask where to get it. We have not seen it either.
Tags: Data Recovery, Microsoft, Microsoft Office, password, password cracking, password recovery, passwords
Posted in General, Software | No Comments »
Thursday, April 16th, 2009
According to CNET News, Office 14 technical preview will be available in Q3, and release version in the first half of 2010; Office 2010 will come in both 32-bit and 64-bit versions.
If password encryption will be improved there — of course, we’ll update Office Password Recovery accordingly. Though it is already good enough in Office 2007 — even with GPU acceleration, the password recovery speed is only thousands passwords per second (see some benchmarks at Distributed Password Recovery page), so even relatively short passwords are secure enough.
Tags: GPU acceleration, Microsoft Office, password recovery, passwords
Posted in Security, Software | 2 Comments »
Monday, April 13th, 2009
Michael Kassner placed an article about Surveillance Self-Defense in the TechRepublic, where he gives brief outline of the SSD website. Though some can endlessly brood over the grounds for the project foundation, for me one is clear that this site can be very much helpful to put all principal computer security guidelines together and close the gaps in your own security.
(more…)
Tags: Data Protection, Elcomsoft System Recovery, Encrypting File System, passwords, Security, Surveillance Self-Defense
Posted in General, Security, Software, Tips & Tricks | No Comments »
