For all the repeated advice to use different, complex password for each online account, users are still opting for easy-to-guess, short ones and use them repeatedly across many websites and online services.
A group of researchers from University of California, Berkeley, have analyzed five popular web-based password managers and have discovered - and then responsibly reported - vulnerabilities that could allow attackers to learn a userís credentials for arbitrary websites.
In this interview, Josh Alexander, CEO of Toopher, discusses how an increasingly mobile workforce shapes the way an organization deals with authentication issues, provides advice to a CISO with the task of upgrading an outdated authentication infrastructure, and much more.
In the wake of the revelation of a flaw that allows attackers to bypass PayPal's two-factor authentication feature, the e-payment giant has made it temporarily impossible for users who enabled it to log into their PayPal account via the PayPal mobile app and on certain other mobile apps.
Over 30,000 servers with Supermicro baseboard management controllers (BMCs) on their motherboards are offering up administrator passwords to anyone who knowns where to look, warns Zachary Wikholm, a senior security engineer with the Security Incident Response Team of hosting provider CARI.net.