Microsoft now lets users use phone authentication instead of passwords to access accounts
Andrew Dalton / Engadget:
Microsoft now lets users use phone authentication instead of passwords to access accounts — Microsoft’s Authenticator app can now save you a step when logging into anything that requires a Microsoft Account. According to a blog post from the company’s identity division …
Privacy experts worry over Homeland Security’s possible move to collect travelers’ passwords
As the United States struggles with the international response of the new immigration ban, the Department of Homeland Security has created some more tension. In a congressional hearing earlier this week, John F. Kelly, the head of the DHS, shared new technical requirements for visa applicants. Kelly’s proposal calls for…
Someone is selling 32 million Twitter passwords on the dark web
Login information for 32 million Twitter accounts is circulating online, just days after information from social networks LinkedIn, VK and Myspace was posted online following earlier hacks.
TechCrunch reports that the information is being shared online by the same person who originally shared the hacked passwords from VK.
There’s no evidence that Twitter itself has been hacked. Instead, it seems that the stolen passwords, emails, and usernames were collected using malware that tricked people into entering their login information.
The release of the data is likely to cause another wave of Twitter account hacks and takeovers. We’ve already seen several high-profile accounts like the NFL, Katy Perry, Mark Zuckerberg, and Drake taken over because they likely reused their passwords. If one account is affected by a breach, then hackers are able to use that password to get into other accounts.
If you are one of those people who uses the same password on multiple accounts, here is some advice on fixing that.
Join the conversation about this story »
NOW WATCH: This 14-year-old makes up to $1,500 a night eating dinner in front of a webcam in South Korea
Firefox is testing marking any page that sends passwords over HTTP as insecure
A huge, but simple change in the latest Firefox Nightly build is a great step forward for the Web. The browser now marks sites that show password fields but aren’t sent over HTTPS as insecure. A warning, with crossed out lock will appear in the address bar and explain that your credentials may be compromised if sent. Firefox explaining why not to send your password over HTTP When clicked on, Firefox now provides further information about why the site is considered insecure, saying that “information sent over the internet without encryption can be seen by other people.” It’s a bold move, since that…
This story continues at The Next Web