Released over the Easter weekend (April 21, 2019), the report also found that the most-used password from global cyber breaches was “123456,” with “ashley” the most-used name as a password. The global password-risk list was published to disclose passwords already known to hackers.
The polling was independently carried out on behalf of NCSC, a part of GCHQ and the Department for Digital, Culture, Media and Sport (DCMS). The findings, as well as 100,000 passwords already known to have been breached by hackers, were released ahead of NCSC’s CYBERUK 2019 conference, which will be taking place in Glasgow this week.
These will inform government policy and guidance offered to the public.
Read entire post Password “123456” Used by 23.2 Million Users Worldwide | Phee Waterfield | InfoSecurity
This time, the company acknowledges that it mishandled sensitive passwords for hundreds of millions of its users, primarily those who use its Facebook Lite product. The disclosure casts doubt on the company’s abilities to protect its users’ information as it focuses more on privacy.
On Thursday, Facebook said it didn’t properly mask the passwords of hundreds of millions of its users and stored them as plain text in an internal database that could be accessed by its staff.
The company said it discovered the exposed passwords during a security review in January and launched an investigation. Facebook did not say how long it had been storing passwords in this way.
Read entire post Facebook staff had access to hundreds of millions of people’s passwords | Donie O’Sullivan and Kevin Collier | CNN Business
Nearly two-thirds (63%) of IT professionals are more concerned about data privacy and security than they were two years ago, but their poor online practices continue to drive cyber-risk, according to a new study.
Also known as Data Privacy Day in North America, the awareness-raising event was originally slated for January 28 13 years ago as this was the date that the Council of Europe’s data protection convention (Convention 108) was opened to signature.
However, while most of the respondents to Yubico’s study — who were IT and information security pros in the US, UK, Germany and France — said they were increasingly concerned about privacy, bad habits persist.
Facebook has issued a password reset for around 90 million users, after a flaw was found in Facebook’s code that impacted “View As”, a feature that lets people see what their own profile looks like to someone else.
According to a statement by Guy Rosen, VP of product management at Facebook, the flaw was discovered on Tuesday 25th September, and affected almost 50 million accounts. He said that the flaw would have allowed an attacker steal Facebook access tokens which they could then use to take over people’s accounts.
“Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app,” he said.
The airline has warned that users who had entered their passport details into the product may have had that data stolen. Experts warn that the theft of such information would pose a serious ID fraud risk.
The firm has also been criticized for its relatively weak password system.
See also Edward Snowden and John Oliver discuss password security and it’s hilarious!
Although it is not clear how the breach occurred, one cyber-security specialist highlighted that Air Canada’s website still says account passwords should contain between six and 10 characters and that it only accepts letters and numbers, but no other symbols.
“Many users will choose short and easily guessable passwords,” commented Amit Sethi, a security consultant at Synopsys. “Moreover, users that want to use strong passwords cannot do so.”
Really important tips and advises from Edward Snowden. Will this video motivate you to upgrade your password, or passphrase? It sure did for me!
Watch the complete interview at https://www.youtube.com/watch?v=yzGzB-yYKcc&ab_channel=LastWeekTonight
Browse through our collection of Information Security related publications at https://resiliencepost.com/category/risk-security/security/
Do you need to find a code no one could break into? Ask Commander Data for help!