Tag: password management
24 articles

Phishers Target LastPass, Bitwarden Users with Fake Security Alerts
Beware of fake security alerts! LastPass and Bitwarden users are being targeted by phishers with convincing emails that mimic real corporate communications, trying to trick you into visiting fraudulent websites.

CEO's Password Practice Exposes Firm to Breach Risk
A CEO's outdated password policy left his 2,000-strong company vulnerable to a potential data breach, after he stored all employee usernames and passwords in a single Excel spreadsheet on his desktop. This alarming security risk was only resolved after months of persistence, when the IT team proved they could manage messages centrally without needing everyone's login details.

Apple Unveils AI-Powered Tool to Automatically Secure Compromised Passwords
Say goodbye to password anxiety with Apple's latest innovation - an AI-powered tool that automatically secures compromised passwords, giving you peace of mind with just a few clicks. This game-changing feature, part of Apple Intelligence, uses AI to update weak and vulnerable credentials to strong, unguessable passwords.

Dashlane Exposes Brute-Force Attack on User Accounts
Dashlane recently alerted a small group of users, fewer than 20, that an external threat actor had launched a brute-force attack on their accounts, attempting to bypass two-factor authentication and gain unauthorized access. The company quickly sprang into action, notifying affected users and taking steps to protect their accounts.

Dashlane Bolsters Defenses After Brute Force Attacks Lock Out Users
Dashlane recently thwarted a brute force attack that temporarily locked out some users, but swift action ensured their accounts were quickly restored. The company has since bolstered its defenses and is closely monitoring the situation to prevent future incidents.

Dashlane Disrupts Service Amid Brute-Force Attacks
Dashlane recently took swift action to protect its users, suspending customer accounts in response to a surge of brute-force attacks that triggered the company's automatic defenses, putting engineers' weekends on hold. This decisive move showcases the password manager's commitment to safeguarding user security.

Strengthening Active Directory Password Rules Without Frustrating Users
Want to boost your Active Directory password security without driving users crazy? Ditch outdated complexity rules and switch to passphrases - longer, multi-word passwords that are easier to remember and harder for hackers to crack.

CISA Exposes Security Lapse with Open GitHub Repository
The US's leading cyber-defense agency, CISA, made a shocking security blunder by leaving a GitHub repository open, exposing sensitive passwords, keys, and tokens with alarmingly obvious filenames. This careless mistake raises serious concerns about the agency's ability to protect itself and the nation from cyber threats.

Active Directory Breaches Persist After Password Resets
Resetting passwords isn't enough to keep hackers at bay, especially in Active Directory environments where cached credentials and sync delays can leave gaping security holes. Even after a password reset, attackers can still find ways to exploit outdated credentials and gain unauthorized access.

Microsoft Edge Exposes Saved Passwords in Plaintext
Microsoft Edge's password management has a concerning vulnerability: it loads all saved passwords into browser memory in plaintext at startup, making it easier for hackers to steal credentials on compromised systems. This is in stark contrast to other Chromium-based browsers like Google Chrome and Brave, which only decrypt passwords when needed.

Weak Passwords Expose Networks to Unintended Access
Even a seasoned expert like Roger Grimes, CISO advisor at KnowBe4, has fallen victim to the pitfalls of weak passwords - in a surprising turn of events, he recalling a time when he accidentally gained access to a client's network using the password "rosebud", famously lifted from a film plot.

UK Urges Adoption of Passkeys Over Passwords
Say goodbye to password headaches! The UK is leading the charge towards a more secure and user-friendly login experience with passkeys, which offer stronger resilience and eliminate many common cyber threats.

Weak Passwords Expose Firms to Data Loss Risk
One careless decision - using the same easily-guessable password across multiple environments - left a client vulnerable to disaster, despite a hefty investment in security tools. A simple password like "admin123" pinned in a shared Slack channel created a single point of failure that put the entire system at risk.

NCSC Endorses Passkeys Over Passwords in New Guidance
Say goodbye to password headaches! The UK's National Cyber Security Centre now recommends passkeys as a user-friendly alternative that provides stronger resilience, making it easier to log in securely.

authentication bypass: Urgent Critical Emergency Flaw
Could a single click hand a stranger the keys to your vault? Click Studios has rushed a patch for a Passwordstate flaw that can create an emergency admin account — if you use Passwordstate, patch immediately, assume possible compromise, and check for unauthorized accounts.

Passwork 7 Review How It Secures and Simplifies Business Passwords
Struggling to keep your business passwords safe and manageable? Passwork 7 makes securing digital keys effortless with powerful, role-based controls and top-notch encryption designed for today’s security challenges.

Is Your Password System Prepared for Regulatory Compliance?
Ensure your password system meets regulatory compliance standards. Discover key strategies to safeguard data and avoid penalties.

Microsoft to Eliminate Password Management Feature from Authenticator App in August 2025
Microsoft will remove the password management feature from its Authenticator app in August 2025, streamlining security for users.

Can Users Safely Reset Their Own Passwords?
Learn how users can safely reset their own passwords with secure methods to protect their accounts from unauthorized access.

Microsoft Edge Introduces Secure Enterprise Password Management
Microsoft Edge offers secure enterprise password management with advanced encryption and centralized controls, ensuring robust business protection.

The North Face Alerts Shoppers Ahead of April Credential Stuffing Attack
The North Face warns shoppers of an imminent April credential stuffing attack—secure your data and shop safely online.

Microsoft Authenticator Alert: Export Your Passwords Before the July Deadline
Microsoft Authenticator Alert: Export your passwords before the July deadline to secure your account and ensure uninterrupted access.

The cost of compromise: Why password attacks are still winning in 2025
Uncover why password attacks are still winning in 2025. Explore how outdated defenses and rising breach costs are crippling business security.

Microsoft Shifts Authenticator Users to Edge After Discontinuing Password Autofill
After discontinuing password autofill, Microsoft shifts Authenticator users to Edge for enhanced security and streamlined browsing.