Password

Users of Google services will now be better protected with the newly launched 2-step verification system.

The 2-step verification includes your password and code you get via your phone.

Google explained in its post on the official blog: “Take your time to carefully set up 2-step verification—we expect it may take up to 15 minutes to enroll. A user-friendly set-up wizard will guide you through the process, including setting up a backup phone and creating backup codes in case you lose access to your primary phone.”

German researchers have found the way to hack into the locked iPhone and steal passwords in just six minutes without even cracking the phone’s passcode.

Researchers explained in a video footage that the attack targets Apple’s management system, a keychain. If an iPhone or iPad is stolen passwords for networks and corporate information systems can be easily misappropriated by crooks.

A report from the security vendor Check Point reveals that 79% of users admit that they type personal information and phrases in passwords. Besides, 26% of web users reuse the same passwords for e-mail, online banking, or social networking accounts while 8 percent claim they copy passwords from online lists of "good" passwords.

Furthermore, more than 22 percent have had their social networking accounts hacked, and the same amount have experienced email hacking.

Facebook now allows its select members to log into their accounts from public computers using a one-time password generated after sending an SMS to a dedicated number. The temporary access code sent to the mobile phone number set preliminary in the account is viable only for 20 minutes. This feature was introduced by the social network to prevent unauthorized access to the profiles that result when credentials are entered into machines that have been compromised by keyloggers and similar types of malware.

A new research by BitDefender confirmed that there is sense in having different user names and passwords to protect identities and information not meant to be public. The company revealed that many people today use the same user name and password in logging into several secure websites. The experiment also revealed that some 250,000 e-mail addresses, user names and passwords were found in social and open networks, including blogs, collaboration platforms, torrents, and other channels.

According to the data provided by the researchers at VeriSign's iDefense group a hacker named Kirllos is selling Facebook user names and passwords in an underground hacker forum with the number of accounts offered for sale making up 1.5 million!

It is uncertain if the credentials sold by Kirillos are legitimate. The price asked by the hacker varies from US$25 to $45 per 1,000 accounts, depending on the number of contacts each user has.

VeriSign Director of Cyber Intelligence Rick Howard says that to date Kirllos seems to have sold close to 700,000 accounts.

Imperva studied the passwords which were breached during the hack of RockYou.com. The study found that a great number of those 32 million passwords were poor and too simple. The top ten passwords Imperva found among those compromised in the attack are these:

1. 123456
2. 12345
3. 123456789
4. Password
5. iloveyou
6. princess
7. rockyou
8. 1234567
9. 12345678
10. abc123

RockYou, social app creator, notified 32 million of its users that their usernames and passwords may have been compromised by hackers who broke into the company’s older widgets.

RockYou chief technology officer Jia Shen said in an interview the company was notified of the SQL injection attack against RockYou.com last week by security company Imperva. As Shen reported, RockYou closed the site for its legacy applications, like slide show widgets, and secured them.

 As is known a good password is one that's hard to guess, yet easy to remember. Yet a great number of Internet users fail to consider these two main factors when inventing secret login credentials. It seems that anyone of the Internet surfers can become an average statistical hacker when it comes to finding passwords to different kind of accounts in social networking, email and even financial services. The task of fitting a password to an account is simplified by users themselves as most people are just too lazy to thoroughly think over secure and reliable passwords.

PC Tools conducted the survey which says that men are less savvy than women when it comes to online security. Research by the security firm revealed that 47 % of men use the same passwords when signing up to online banking and shopping facilities, compared to just 26 % of women. Men have a more cavalier attitude to email attachments, with 60 % admitting to opening them immediately without checking to see if they are legitimate, but only 48 % of women do the same thing.