Passwords

Make your Mac safer online: Five tips for better password security

Gotofail. Heartbleed. Target. Sony's PlayStation Network. The NSA. It seems like every few weeks, there's a new story circulating in the news about major security breach concerning systems that you rely on. What can you do to protect yourself?

The bottom line is that attacks do happen, so it's best to try to minimize the risk you face when these services inevitably are breached. Here are some tips to help you stay as safe as possible by changing your password habits.

More →

16
loading...
28
loading...
75
loading...
0
loading...

Comixology forces password resets following unauthorized database access

While there doesn't seem to be any reason for panic here, popular online comics service comixology is requiring customers reset their passwords. That's following an unauthorized database access that exposed usernames, email addresses, and cryptographically protected passwords. Databases get hacked. It's just a fact of modern, online life. Comixology looks like they're doing everything right here, including beefing up security going forward.

More →

4
loading...
0
loading...
32
loading...
0
loading...

Hey OS X 10.9.2 — where did the iCloud Keychain forced password fill go?

It looks like yesterday's major update to Mavericks removed the ability to force passwords to save in Safari even if a website requested that they not be saved. Previously, users could check a box in the Password section of the Safari settings that read "Allow Autofill for websites that request passwords not be saved".

More →

5
loading...
0
loading...
52
loading...
0
loading...

Internet realizes Chrome doesn't keep passwords secure, should also realize we have apps for that!

The internet is in a tizzy today because reporters realized Chrome on the desktop doesn't securely store passwords, and they realized most people probably don't realize that either. What this means is that anyone who has physical access to your Mac or Windows PC, and knows where to look, can see your logins in plain text. For those familiar with Chrome's security model, that's nothing new. The same things was true last week, last month, and last year. It's a reflection of Google's philosophy, which is different than Apple's - Safari requires a login to show passwords.) The reason for the recent internet angst is Elliot Kember:

More →

2
loading...
0
loading...
30
loading...
0
loading...

iOS 7 preview: iCloud Keychain aims to make security more convenient

iOS 7 adds an incredibly important set of new features to Apple's Safari web browser - the ability to generate, store, and fill passwords. Sure, there have been third-party apps that have done this, and more, for years. But when the functionality is baked into the OS, even when it's only the basest level of functionality, there's a greater chance that more people will use it. And more people really need to use a password manager, and the unique passwords they enable. Yes, it's security week on Talk Mobile, so there's no better time to talk about mobile security, and passwords.

More →

11
loading...
0
loading...
48
loading...
0
loading...

Security vs. convenience: How do you balance your passwords?

Security is at constant war with convenience. The stronger the passwords we use to keep our data safe, the more steps we take to lock down what we own, the less accessible our data and our devices become -- even to us. Balancing it all can be tough, and a lot depends on what the platforms and services we use do to help us. And nowhere is this more evident than mobile.

Multitouch keyboards, in large part, rely on things like like character pair prediction and auto-correct to make entry acceptable. Neither of those things are possible with passwords, and strong passwords require far higher than normal frequencies of shifting between upper and lower case, and between letters and numbers and symbols. It's the worst possible experience.

More →

6
loading...
0
loading...
95
loading...
0
loading...

Twitter hacked, 250,000 passwords compromised

Twitter has informed users that their service had been hacked and that 250,000 usernames, email addresses, session tokens, and encrypted/salted passwords had been compromised. According to Twitter's director of information security, Bob Lord, who posted on blog.twitter.com:

More →

12
loading...
0
loading...
194
loading...
0
loading...

Smashed and grabbed

More →

0
loading...
0
loading...
0
loading...
0
loading...

pwSafe - Password Safe for iOS now universal for iPhone and iPad

pwSafe - Password Safe for iOS is, as it's name implies, now available as a universal application for iPhone and iPad. pwSafe is a password management app that stores your passwords and allows you to sync them across devices and computers.

  • Dropbox sync, fully automatic and bi-directional (in-app purchase)
  • Password generation
  • Universal binary - iPad, iPhone and iPod Touch optimized
  • Search in all fields
  • Single tap password copy to clipboard
  • Multiple fields (title, username, password, URL, email and notes)
  • iTunes file sharing
  • Receives safes as e-mail attachments (please name your safes with a .psafe3 extension)
  • Opens safes from Dropbox (free without sync)
  • Multiple safes
  • Unlimited passwords
  • Unlimited password groups
  • Open source

If you pick this one up, let us know what you think! Check out the screenshots after the break.

[Free, with in-app purchase - iTunes link]

Have an app you'd love to see featured on TiPb? Email us at iosapps@tipb.com, tell us about your app (include an iTunes link), and we'll take a look.

More →

0
loading...
0
loading...
0
loading...
0
loading...

Security researchers: iPhone Keychain circumvented, data stolen in 6 minutes

If someone manages to take physical possession of your iPhone and keep it long enough to Jailbreak it, enable SSH, and get access to the root, they can compromise Apple's Keychain password management system and get to your data in roughly 6 minutes.

The attack works because the cryptographic key on current iOS devices is based on material available within the device and is independent of the passcode, the researchers said. This means attackers with access to the phone can create the key from the phone in their possession without having to hack the encrypted and secret passcode.

More →

1
loading...
0
loading...
0
loading...
0
loading...

Pages