article thumbnail

KeePass Vulnerability Imperils Master Passwords

Dark Reading

A newly discovered bug in the open source password manager, if exploited, lets attackers retrieve a target's master password — and proof-of-concept code is available.

Passwords 138
article thumbnail

Microsoft Fully Ditches the Password

Data Breach Today

Windows Users Can Now Use Other Methods to Access Microsoft Products Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into a Microsoft product - a move received positively by industry insiders.

Passwords 345
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Password Management: The First Line of Defense

Data Breach Today

Vikas Malhotra of LastPass on Ways to Transition From Password to Passwordless Vikas Malhotra, country manager, LastPass, discusses establishing a password management program as the first line of defense in establishing user identity, followed by 2FA and MFA as the second step in the protection process.

Passwords 246
article thumbnail

How Coinbase Phishers Steal One-Time Passwords

Krebs on Security

A recent phishing campaign targeting Coinbase users shows thieves are getting cleverer about phishing one-time passwords (OTPs) needed to complete the login process. In each case, the phishers manually would push a button that caused the phishing site to ask visitors for more information, such as the one-time password from their mobile app.

Passwords 337
article thumbnail

26M Passwords Exposed in Botnet Data Leak

Data Breach Today

Facebook Passwords, Valid Cookies Some 26 million passwords were exposed in a 1.2 Data Includes 1.5M terabyte batch of data found by NordLocker, a security company. It's workaday botnet data but highlights a hostile malware landscape, particularly for people still inclined to download pirated software.

Passwords 338
article thumbnail

KeePass 2.X Master Password Dumper allows retrieving the KeePass master password

Security Affairs

A researcher published a PoC tool to retrieve the master password from KeePass by exploiting the CVE-2023-32784 vulnerability. X Master Password Dumper that allows retrieving the master password for KeePass. ” KeePass is a free and open-source software used to securely manage passwords. x versions. x versions.

article thumbnail

Ukraine Nabs Suspect in 773M Password ?Megabreach?

Krebs on Security

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” By far the most important passwords are those protecting our email inbox(es).

Passwords 337