Posted inBiz & IT CISA credentials
DOGE software engineer’s computer infected by info-stealing malware
Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and…
Posted inaccount takeovers Biz & IT passkeys
Microsoft’s new “passwordless by default” is great but comes at a cost
Microsoft says it’s making passwordless logins the default means for signing in to new accounts,…
Posted inBiz & IT mfa multi factor authentication
Why MFA is getting easer to bypass and what to do about it
These sorts of adversary-in-the-middle attacks have grown increasingly common. In 2022, for instance, a single…
Posted inBiz & IT passwords Remote Desktop Protocol
Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.
The ability to use a revoked password to log in through RDP occurs when a…
Posted in1password bad mobile apps geolocation
1Password offers geo-locating help for bad apps that constantly log you out
You could name things more sensibly in 1Password, of course, and you should. But having…
Posted inApple Biz & IT Google password manager
Google Password Manager finally syncs to iOS—here’s how
Late last year, I published a long post that criticized the user unfriendliness of passkeys,…
Posted inAI chrome chrome browser
Google Chrome may soon use “AI” to replace compromised passwords
Google's Chrome browser might soon get a useful security upgrade: detecting passwords used in data…
Passkey technology is elegant, but it’s most definitely not usable security
Dialog box finally allows the creation of a passkey on a security key. The dueling…