password manager

The Collection #1 data breach – what you need to do about it

A huge collection of email addresses and passwords, which can be used in attempts to break into online accounts, has been discovered.

If you are one of the affected users, what should you do about it?

2 min read

Smashing Security #033: 1Password, net neutrality, and spatchcock chicken

Is password manager 1Password treating its customers unfairly? Are autonomous cars driving us around the bend? And what is this Net Neutrality thing anyway?

All this and more is discussed in the latest edition of the “Smashing Security” podcast.

43 sec read

LastPass has a secret major vulnerability – and, as yet, there’s no fix

The popular password management firm LastPass is working to fix major vulnerability in its software, responsibly disclosed to it by a security researcher.

David Bisson reports.

1 min read

Smashing Security podcast: Passwords

The Smashing Security team tackle the thorny topic of passwords and offer some advice and tips for computer users.

Take a listen and let us know what you think.

16 sec read

LastPass security holes could have seen hackers steal your passwords

Working separately, two vulnerability researchers have found worrying ways to steal passwords from the popular online password manager LastPass.

Fortunately, LastPass has responded quickly – fixing the bugs before they can be maliciously exploited. Here is what you need to know.

55 sec read

‘How Dashlane compromised my privacy on Twitter’

David Bisson wonders if he has made a mistake in his choice of password manager.

It may have kept his passwords secure, but Dashlane has published his email address to the world.

1 min read

Flaws found in LastPass password manager by security researchers

Two security researchers have discovered a number of bugs, bad practices, and design issues in the popular LastPass password manager.

David Bisson reports.

2 min read

VIDEO: Good password advice from NatWest? Don’t bank on it

NatWest Bank has made some videos telling you how to be safer online. A noble effort, but unfortunately their password advice is poor.

Learn more about the mistake they made in my own response video.

50 sec read

VIDEO: Password scare for some British Gas customers

Make sure that you are using different passwords for every website that you access. Reusing passwords is just asking for trouble.

Watch my video to learn more.

1 min read

1Password to improve its security, after online criticism

A software engineer has shined a light on a potential weakness in 1Password that could expose unencrypted metadata about vault entries.

Read more in my article on the Hot for Security blog.

0 sec read

Opinion: Maybe you shouldn’t junk LastPass just yet

LastPass’s announcement has upset a lot of users, but should you dump the password manager for another product?

Guest contributor Bob Covello shares his thoughts.

1 min read

TalkTalk isn’t helping customers use safer passwords

It’s a real shame to see a company not helping its customer use safer passwords, especially in the wake of a data breach. Let’s hope TalkTalk gets a clue and sees sense soon.

1 min read

Equifax clearly doesn’t want you to use a password manager

Another website is found preventing security-minded users from pasting complex passwords into online forms.

52 sec read

British Gas reveals it doesn’t think password managers are good for security

British Gas customer Ben Woodward understands the benefits of having a complicated, hard-to-remember password rather than a dumb, easy-to-guess one.

Unfortunately, it doesn’t seem that British Gas agrees.

43 sec read

Lesson #1 from the Hacking Team hack: Choose strong passwords

Turns out that hacked spyware company was using some pretty dumb passwords.

“P4ssword” anybody?

1 min read

Don’t let the LastPass hack destroy your faith in password managers

The LastPass hack may rattle some people’s faith in password managers, but the truth is that they’re a heck of a lot safer than the alternative.

Read more in my article on the Optimal Security blog.

0 sec read