10.1 C
Monday, October 23, 2017
Home Tags Password

Tag: password

password is a word or string of characters used for user authentication to prove identity or access approval to gain access to a resource (example: an access code is a type of password), which is to be kept secret from those not allowed access.

The use of passwords is known to be ancient. Sentries would challenge those wishing to enter an area or approaching it to supply a password or watchword, and would only allow a person or group to pass if they knew the password. In modern times, user names and passwords are commonly used by people during a log in process that controls access to protected computer operating systems, mobile phones, cable TV decoders, automated teller machines (ATMs), etc. A typical computer user has passwords for many purposes: logging into accounts, retrieving e-mail, accessing applications, databases, networks, web sites, and even reading the morning newspaper online.

Despite the name, there is no need for passwords to be actual words; indeed passwords which are not actual words may be harder to guess, a desirable property. Some passwords are formed from multiple words and may more accurately be called a passphrase. The terms passcode and passkey are sometimes used when the secret information is purely numeric, such as the personal identification number (PIN) commonly used for ATM access. Passwords are generally short enough to be easily memorized and typed.

Most organizations specify a password policy that sets requirements for the composition and usage of passwords, typically dictating minimum length, required categories (e.g. upper and lower case, numbers, and special characters), prohibited elements (e.g. own name, date of birth, address, telephone number). Some governments have national authentication frameworks that define requirements for user authentication to government services, including requirements for passwords.

On October 20th, 2017, Cisco PSIRT was notified by the internal product team of a security vulnerability in the Cisco AMP For Endpoints application that would allow an authenticated, local attacker to access a static key value stored in the local a...
Experts applaud a new Google service, Advanced Protection, which beefs up account password protection and limits access to a user’s Gmail and Drive.
The new opt-in program requires authentication with a physical security key.
In May 2017, Kaspersky Lab researchers discovered a forum post advertising ATM malware that was targeting specific vendor ATMs.

The forum contained a short description of a crimeware kit designed to empty ATMs with the help of a vendor specific API, without interacting with ATM users and their data.

The price of the kit was 5000 USD at the time of research.
Researchers have found that lax security makes it easy to track a ship sailing on international waters.
One of the first considerations for developers building mobile and web apps is how to handle account security, namely how they’re going to protect and authenticate their users and their data.

The days where a username and password was sufficient to ...
You may end up in the clink with 'hacker' on your criminal record A California bloke fighting a computer hacking conviction has lost his final appeal after the US Supreme Court declined to hear his case.…
Apple’s password prompts for iOS devices are an easy target for phishing attacks to steal iTunes passwords and IDs.
Benign iOS prompts are indistinguishable from those generated by malicious apps.
Fake login request boxes spark formal bug report Apple, we have a problem.

A bug report filed Monday through Open Radar – which mirrors bug reports developers submit to Apple's private bug tracking system – suggests that password prompts in iOS apps ca...
The four exposed servers had no password, but contained the "keys to the kingdom."