password

1Password adds macOS Mojave dark mode but loses a key feature

1Password adds macOS Mojave dark mode but loses a key feature

With macOS Mojave landing at the end of last month, a lot of developers are looking to update their apps to take advantage of the operating system's new features. 1Password has done just that for its password manager, pushing version 7.2 to Mac this week. Along with it comes a number of new features that center around the new capabilities of macOS Mojave, including a new dark mode 1Password's developers seem particularly excited about.

Continue Reading

Firefox Monitor wants to keep you secure with familiar technology

Firefox Monitor wants to keep you secure with familiar technology

Everyone should be concerned about keeping their various online identities secure, and today, Firefox made that a little bit easier. Working alongside Have I Been Pwned, today Mozilla launched Firefox Monitor. You can use this to see if your email address has been involved in any security breaches, so in that regard, Firefox Monitor mirrors the functionality of Have I Been Pwned pretty closely.

Continue Reading

SMS two-factor authentication is unsafe – Use these instead

SMS two-factor authentication is unsafe – Use these instead

The revelation of Google’s Titan security key has put the spotlight on a long-existing but not widely adopted technology: physical keys that open the doors to your digital life. FIDO-compatible security keys, strange as they may seem, is just the latest attempt to solve one of the biggest threats to digital security: passwords. But while two-factor authentication is finally gaining a bit of traction, thanks to services enforcing it, they are unfortunately using the least secure medium of all: text messages.

Continue Reading

Facebook two-factor authentication is finally safer

Facebook two-factor authentication is finally safer

Two-factor authentication or 2FA is often hailed as the safe compromise to humans' seemingly innate ability to be very bad at passwords. But not all 2FA methods are created equal and some, particularly SMS, are seen as liabilities more than assets. Especially when put in the hands of Facebook. Now the social network giant is cleaning up is mess by finally allowing the use of theoretically safer authenticator apps when logging into your precious Facebook account.

Continue Reading

YubiKey NEO brings hardware 2FA security to iOS: What you should know

YubiKey NEO brings hardware 2FA security to iOS: What you should know

Yubico made a couple of exciting announcements concerning its YubiKey NEO authentication hardware today. The first is that the key is now compatible with iPhones, allowing users to employ two-factor authentication methods that don't need to rely on SMS verification codes. Yubico has also announced a new software development kit for the YubiKey NEO, which will hopefully translate to more developers supporting the device in their iOS apps.

Continue Reading

Websites could soon use your fingerprint to log in

Websites could soon use your fingerprint to log in

Biometrics are everywhere. Almost all smartphones these days, even mid-range ones, have fingerprint scanners. Laptops and convertible tablets are slowly getting there. And while Apple seems to be doing away with them, it is replacing fingerprints with faces, yet another biometric security factor. The only place where this secure authentication method isn’t available is where they matter the most: the Web. But if the World Wide Web Consortium, a.k.a. W3C, has its way, even websites like, well, Facebook will support password-less logins in the near future.

Continue Reading

1Password warns you off reusing leaked passwords

1Password warns you off reusing leaked passwords

Making sure that we secure our various online identities with unique passwords can be a tough thing to do, but thankfully, we have password managers to help us out with that. These password managers have varying features but at the end of the day should all do the same thing: allow you to organize and store your passwords securely. 1Password is a service that's frequently brought up in discussions about password managers, and today it's adding a neat new feature that should help you make even better password decisions.

Continue Reading

Dashlane Project Mirror to kill passwords with a password manager

Dashlane Project Mirror to kill passwords with a password manager

Next to humans themselves, passwords are the bane of digital security. Decades after they have been invented, humans still haven’t learned their lesson, no matter how devastating some cases have been. Many still resort to the worst possible passwords. That frailty has, in a way, helped keep password managers like Dashlane in business. Ironically, Dashlane is now proposing to kill passwords. If that weren’t enough of a head-scratcher, maybe this will be: it will start killing passwords by introducing a password manager.

Continue Reading

LastPass Authenticator Android app is easy to break into [Updated]

LastPass Authenticator Android app is easy to break into [Updated]

Password managers are supposedly the cure for the seemingly innate human tendency to use weak passwords. A special class of password managers take it a step further by using two-factor or two-step authentication or 2FA. But what is said authentication manager itself isn't as bulletproof as it should be? That is the rather odd situation that users of LastPass Authenticator on Android now find themselves in after it was revealed that it is almost trivial to get into the app and access the 2FA codes need, in turn, to get access to accounts and private data.

Continue Reading

Twitter two-factor authentication can now use 3rd party apps

Twitter two-factor authentication can now use 3rd party apps

Two-factor, sometimes called two-step, authentication has become one of the favored methods of strengthening logins. Especially considering how humans seem to have an innate tendency to use incredibly weak passwords. But not all 2FAs, as it is abbreviated, are created equal and some, like SMS, are only just a little bit secure than regular passwords. That’s why some sites that use 2FA also allow third-party authenticator apps to provide the second factor. And, finally, Twitter now does as well.

Continue Reading

2017’s worst passwords will leave you horrified

2017’s worst passwords will leave you horrified

We're less than two weeks out from the start of 2018, and that can only mean one thing: it's time to look back at some of the worst passwords of the year. This year was particularly bad for online security, with many companies reporting breaches that left customer data exposed. Of course, we also have the Yahoo breaches that were revealed late last year, leaving hundreds of millions of accounts at risk.

Continue Reading

Yubico’s new USB-C authenticator is entirely too tiny

Yubico’s new USB-C authenticator is entirely too tiny

The Yubico YubiKey 4C Nano is the perfect way for you to lose access to your computer because of it's miniature size. The image of this device you see above and/or below should give you an accurate sense for scale - it's just about the size of most USB/Bluetooth dongles. The difference here is that this device is the key to your crypto and touch-to-sign, FIDO U2F, one-time password, smart card (PIV), and smart card (OpenPGP) authentication - important stuff.

Continue Reading

1 2