Credentials articles

New Android feature seamlessly transfers account credentials to new devices

Forward-looking: When users replace or upgrade an iPhone or iPad, login credentials usually transfer automatically, allowing customers to resume using their favorite apps and services immediately. In contrast, Android devices force users to log back into their apps manually, which can become tedious and time-consuming. A new feature for Android developers aims to remedy this annoyance.

A record 10 billion passwords were just posted to a popular hacking forum

Massive data dump containing millions of passwords sparks security alert: Is your data safe?

Bitwarden's password manager browser extension has a known exploit it hasn't addressed in five years (Update: fix coming)

PSA: Hackers can steal your username and password for a website using an embedded iframe. It's a weakness for all password managers, and most have addressed the flaw in various ways, including issuing warnings when users are on a login page with an iframe or not trusting subdomains. Bitwarden is the sole exception, having determined in 2018 that the threat was not significant enough to address.

Thousands of PayPal accounts breached in credential stuffing attack

Microsoft employees accidentally exposed login credentials for important internal systems

FBI claims VPN credentials of US universities are being sold on Russian cybercrime forums

Credentials to an airport's security systems sold on the dark web for $10

Facebook and Netflix scan leaked data sets for recycled passwords

Security question answers are less secure than the passwords they help protect

Internet Explorer 11 flaw leaves user credentials ripe for the taking

Canadian credential manager PasswordBox joins Intel's Security Group

Microsoft rolls out optional two-factor authentication for user accounts

Anonymous reveals personal information of 4,000 U.S. bank executives

Weekend tech reading: Is password security inadequate today?