Stolen Password - Reduce The Revelation
Online wallets, offline cold storage, exchange login credentials, email... our list of logins to essential services seems to grow longer every few months. At the same time authentication vulnerabilities and attacks proliferate, and the growing amount of computing power and human endevour dedicated to stealing online credentials is staggering. Realistically, it's not a case of if, but when - and the hour of it unknown. Here's how you can obscure the most critical information revealed by your stolen password - the formula to all your other passwords. This series of articles is an attempt to....
Related News
Google has been hacked and 5 million Gmail credentials have been exposed on the Russian website "Bitcoin Security". The leakage was discovered after a Reddit user submitted credentials on a Reddit sub forum. Daily Mail reports that most of the hacked Gmail-accounts were English, Russian and Spanish. It's estimated that 60% of the accounts were active. A spokesman from Google claims that many of the leaked passwords are most likely taken from another website or service than Gmail. Google told CNews that the credentials from Gmail were stolen through many years with hacking and phising....
SatoshiLabs newly-announced TREZOR Password Manager will store and manage passwords securely and is available for public beta testing for all TREZOR hardware owners, the company announced on Medium. A Chrome extension is available. The new password manager uses advanced cryptography. A user can encrypt each password entry using their personal TREZOR device. The password manager automatically uploads the encrypted data to the user’s private cloud storage, where it is available as needed. No Master Password. TREZOR now addresses the most pressing flaw in password managers, the chance that....
A user don4of4 posted a warning message to other LocalBitcoins.com users that others have been reporting news of stolen bitcoin from their wallets on the website. The user claims that he didn’t believe it first, but when he saw that his 5 Bitcoin were transferred from his account without his permission or order considering, he had a 30 character random password and Google Authenticator set up, he realized something was definitely not right. Don4of4 writes he changed his password after the heartbleed vulnerability was known. Don4of4 posted a picture of his account showing the BTC address....
Reddit user sockinabox recently awoke to an email from Mt. Gox informing him that his funds had been withdrawn. About $12,000 of his personal funds are now gone with absolutely no way for the rightful owner to recover them. Just like the many times before that this has happened and been reported on bitcoin, Mt. Gox's email support is unresponsive which only adds to the frustration. However, even if Mt. Gox responded to every email they received about stolen funds, can they actually do anything to recover funds that have already been stolen? Any Bitcoiner will realize that once the coins....
Password manager service LastPass announced last week that they experienced a data breach that exposed users' email addresses, encrypted passwords and cleartext password reminder hints. Following the good advice to never use the same password twice, and to choose passwords that are difficult to guess (and remember), many people use password management sites such as LastPass. But the problem with using a Web-based third party to store your passwords is that they can get hacked, too. LastPass certainly took many security precautions, and some of them worked. For example, LastPass never had....