#password-hygiene — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #password-hygiene, aggregated by home.social.
-
🔒 New on the blog: The #DarkSideOfPasswordManagers—what no one tells you about “safe” vaults.
• Cloud apps risk master-password leaks
• Autofill can spill your data into fake forms
• Emergency access setups? Potential unlock keys for attackersSmart usage means understanding where password managers can slip.
-
🔐 Password Hygiene: Rotating the Wardrobe of Digital Defense #PasswordHygiene #PasswordRotation #SmallBusinessSecurity #Cybersecurity #OpenSource #FreeTools #PasswordManager #KeePassXC #Bitwarden #Passbolt #TwoFactorAuthentication #2FA #Fail2ban #Yubikey #TOTP #OpenSourceSoftware #PasswordStrength #BusinessSecurity #DigitalDefense #SecurityPractices #PasswordPolicy #PasswordManagement #CybersecurityTips #SecurePasswords #BusinessCybersecurity #ITSecurity #OnlineSecurity
-
Once again, I’m finishing this Sunday feature from Dulles Airport. Tonight’s destination is London, courtesy of a press trip Uber is hosting for the Go-Get Zero event it’s staging there to talk about its vehicle-electrification ambitions. (My editors at PCMag approved this arrangement, and I’ll note the comped-travel part of it in the copy I file.)
This was a slow week for me in terms of published stories, but Patreon readers got one more post by me: a review of disinformation researcher Renée DiResta’s book Invisible Rulers: The People Who Turn Lies Into Reality. It’s well worth reading if you, too, had some side-eye reactions to the moment in the vice-presidential debate when Republican candidate Sen. JD Vance (R-Ohio) answered a question from Democratic candidate Gov. Tim Walz (D-Minn.) about whether Trump lost the 2020 election by pivoting to a complaint about Facebook content moderation.
10/2/2024: Not Great: Even Password Manager Subscribers Reuse Passwords, PCMag
Usually, Dashlane’s PR folks not only offer advance access to their studies on an embargoed basis but remind me of that multiple times. For whatever reason, that didn’t happen with this particularly interesting study, which I appreciated because it relieved me of any time pressure to have a writeup ready to go before the company posted the study. Instead, I could spend several hours in a back-and-forth e-mail conversation with some Dashlane publicists to make sure that I understood how they did this research. And to ask what thoughts they had after seeing so many users of their own service fail to heed one of its most basic bits of security advice.
(Okay, I also probably would have filed this faster if I hadn’t spent the day on a telecom spectrum-policy conference that occupied most of my attention.)
https://robpegoraro.com/2024/10/06/weekly-output-password-reuse-by-password-manager-users/
-
“I see your problem. Your password doesn’t have a Celtic rune or a segment of your DNA code.”
-
Hello Fellow Mastodonians!
The results of the Password Manager Poll are in . . . and here’s a great big “Thank You” to all 30 of you who voted.The original question was:
If we asked 3,000 random adults in the US, UK and Canada if they use password managers, how many would say . . . “I do”?
☑️ 10% of you said 13%
☑️ 60% of you said 2%
☑️ 23% of you said 7%
☑️ 7% of you said 32%The National Cybersecurity Alliance in association with CybSafe issued their latest survey results — “Oh, Behave! The Annual Cybersecurity Attitudes and Behaviors Report | 2022
“Behavior. It’s the most tumultuous variable in cybersecurity. So, for the second time in two years we went out and asked some real, living, breathing humans about how they behave on the internet or when using tech. We’re pleased to present these findings in our Annual Cybersecurity Attitudes and Behaviors Report 2022 or, as it’s known ‘round here, (best Austin Powers’ impressions at the ready) the “Oh, Behave!” report.”
7% of adults in this survey said they use a password manager application.
So some of you Mastodonian poll-takers got it right, hooray! 🥂
But . . . 6% of adults in this survey said they *save passwords in their browser.*
What do we make of that? Does this mean online adults don’t know that when they save passwords in their browser, they’re using a built-in password manager?
Certainly the major browsers have sophisticated password managers built in.
Is this a messaging opportunity?
Can we somehow reframe the messaging around built-in password managers in a way that would be productive?
You never know what people will say when you ask them a question. A whopping 22% in the “Oh, Behave!” survey said they simply remember their passwords without writing them down, or using any other method for remembering them. Considering the average consumer has 100+ online accounts, that’s a Herculean feat. At the very least, that answer’s gotta raise at least one Spock eyebrow.
The “Oh, Behave!” report is fascinating, since it shows how members of the general public *respond to questions* when asked how they define sensitive online accounts, what sort of access to cybersecurity training they have, how that training has impacted them, whether they’ve been the victims of cybercrime, etc.
It’s always valuable to know what people are thinking.
https://staysafeonline.org/online-safety-privacy-basics/oh-behave/
-
Hello Fellow Mastodonians!
The results of the Password Manager Poll are in . . . and here’s a great big “Thank You” to all 25 of you who voted.The original question was:
If we asked 3,000 random adults in the US, UK and Canada if they use password managers, how many would say . . . “I do”?
☑️ 36% of you said 2%
☑️ 48% of you said 7%
☑️ 16% of you said 18%
☑️ 0% of you said 32%The National Cybersecurity Alliance in association with CybSafe issued their latest survey results — “Oh, Behave! The Annual Cybersecurity Attitudes and Behaviors Report | 2022
“Behavior. It’s the most tumultuous variable in cybersecurity. So, for the second time in two years we went out and asked some real, living, breathing humans about how they behave on the internet or when using tech. We’re pleased to present these findings in our Annual Cybersecurity Attitudes and Behaviors Report 2022 or, as it’s known ‘round here, (best Austin Powers’ impressions at the ready) the “Oh, Behave!” report.”
7% of adults in this survey said they use a password manager application.
So many of you Mastodonian poll-takers got it right, hooray! 🥂
But . . . 6% of adults in this survey said they *save passwords in their browser.*
What do we make of that? Does this mean online adults don’t know that when they save passwords in their browser, they’re using a built-in password manager?
Certainly the major browsers have sophisticated password managers built in.
Is this a messaging opportunity?
Can we somehow reframe the messaging around built-in password managers in a way that would be productive?
You never know what people will say when you ask them a question. A whopping 22% in the “Oh, Behave!” survey said they simply remember their passwords without writing them down, or using any other method for remembering them. Considering the average consumer has 100+ online accounts, that’s a Herculean feat. At the very least, that answer’s gotta raise at least one Spock eyebrow.
The “Oh, Behave!” report is fascinating, since it shows how members of the general public *respond to questions* when asked how they define sensitive online accounts, what sort of access to cybersecurity training they have, how that training has impacted them, whether they’ve been the victims of cybercrime, etc.
It’s always valuable to know what people are thinking.
https://staysafeonline.org/online-safety-privacy-basics/oh-behave/
-
Hello Fellow Mastodonians!
The results of the Password Manager Poll are in . . . and here’s a great big “Thank You” to all 45 of you who voted.The original question was:
If we asked 3,000 random adults in the US, UK and Canada if they use password managers, how many would say . . . “I do”?
☑️ 40% of you said 2%
☑️ 51% of you said 7%
☑️ 7% of you said 18%
☑️ 2% of you said 32%The National Cybersecurity Alliance in association with CybSafe issued their latest survey results — “Oh, Behave! The Annual Cybersecurity Attitudes and Behaviors Report | 2022
“Behavior. It’s the most tumultuous variable in cybersecurity. So, for the second time in two years we went out and asked some real, living, breathing humans about how they behave on the internet or when using tech. We’re pleased to present these findings in our Annual Cybersecurity Attitudes and Behaviors Report 2022 or, as it’s known ‘round here, (best Austin Powers’ impressions at the ready) the “Oh, Behave!” report.”
7% of adults in this survey said they use a password manager application.
So the majority of you Mastodonian poll-takers got it right, hooray! 🥂
But . . . 6% of adults in this survey said they *save passwords in their browser.*
What do we make of that? Does this mean online adults don’t know that when they save passwords in their browser, they’re using a built-in password manager?
Certainly the major browsers have sophisticated password managers built in.
Is this a messaging opportunity?
Can we somehow reframe the messaging around built-in password managers in a way that would be productive?
You never know what people will say when you ask them a question. A whopping 22% in the “Oh, Behave!” survey said they simply remember their passwords without writing them down, or using any other method for remembering them. Considering the average consumer has 100+ online accounts, that’s a Herculean feat. At the very least, that answer’s gotta raise at least one Spock eyebrow.
The “Oh, Behave!” report is fascinating, since it shows how members of the general public *respond to questions* when asked how they define sensitive online accounts, what sort of access to cybersecurity training they have, how that training has impacted them, whether they’ve been the victims of cybercrime, etc.
It’s always valuable to know what people are thinking.
https://staysafeonline.org/online-safety-privacy-basics/oh-behave/
#Passwords
#Cybersecurity
#StaySafeOnline
#PasswordHygieneOn A Personal Note:
The move to Mastodon is an awesome opportunity to create something new, something fresh — a community of like-minded individuals with a diversity of opinion (not a contradiction). Would you consider following me here on Mastodon, if you don’t already? I’m committed to nurturing your Home feed with a daily dose of unusual, insightful, and (hopefully) useful information security content — honest conversation without rancor or drama.:boost_ok: Feel free to share (boost) this post with all those who follow you by clicking the cycled-arrow icon below.
:mastodon: Here on Mastodon, boosting doesn’t elevate a post through any algorithmic shenanigans. Everyone who follows you gets to see the post (“toot”) without the platform interfering.
