Latest Tech News

Stay updated with the latest in technology, AI, cybersecurity, and more

Filtered by: password Clear Filter

Your passkeys could be vulnerable to attack, and everyone - including you - must act

zdnet.com David Berlind 2025-09-20 12:00:00

Vertigo3d/iStock/Getty Images Plus via Getty Images Follow ZDNET: Add us as a preferred source on Google. ZDNET's key takeaways A researcher developed an exploit that hijacks passkey authentication. The exploit depends on a non-trivial combination of pre-existing conditions. Neither the passkeys nor the protocol was proven to be vulnerable. At this year's DEF CON conference in Las Vegas, white hat security researcher Marek Tóth demonstrated how threat actors could use a clickjack attack

Topics: manager passkey password tóth user
Read More
Shop Amazon

Just Use HTML

news.ycombinator.com Unknown 2025-09-29 05:45:58

September 10, 2025 Just use HTML I’ve worked on so many projects recently that were more complicated than they needed to be because they used JavaScript to generate HTML. JavaScript is… Slower to load Slower to run More prone to breaking Harder to read and reason about Doesn’t actually look like the final output It’s inferior to just using HTML in nearly every way. I’m not saying never use JavaScript, though. I think JS is great at augmenting and enhancing what’s already there, and addi

Topics: const form label password username
Read More
Shop Amazon

Wanted to spy on my dog, ended up spying on TP-Link

news.ycombinator.com Unknown 2025-10-01 02:28:54

Wanted to spy on my dog, ended up spying on TP-Link I recently bought a cheap Tapo indoor camera to see what my dog gets up to when I am out of the house. What actually followed? I ended up reverse-engineering onboarding flows, decompiling an APK, MITMing TLS sessions, and writing cryptographic scripts. My main motivation for this project really stemmed from the fact that the camera annoyed me from day one. Setting the camera up in frigate was quite painful, no one really seemed to know how t

Topics: app camera onboarding password tapo
Read More
Shop Amazon

Pass: Unix Password Manager

news.ycombinator.com Unknown 2025-10-01 16:16:40

Introducing pass Password management should be simple and follow Unix philosophy. With pass , each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities. pass makes managing these individual password files extremely easy. All passw

Topics: git pass password store zx2c4
Read More
Shop Amazon

Lessons in disabling RC4 in Active Directory (2021)

news.ycombinator.com Steve Syfuhs 2025-09-29 10:40:34

Was pulled in to a fun customer issue last Friday around disabling RC4 in Active Directory. What happened was, as you can imagine, not good: RC4 was disabled and half their environment promptly started having a Very Bad Day. — Steve Syfuhs (@SteveSyfuhs) March 1, 2021 Twitter warning: Like all good things this is mostly correct, with a few details fuzzier than others for reasons: a) details are hard on twitter; b) details are fudged for greater clarity; c) maybe I'm just dumb. RC4 is a stream

Topics: data key password rc4 salt
Read More
Shop Amazon

1Password Coupon: Score a Free Trial in September

wired.com Scott Gilbertson 2025-10-06 10:00:00

1Password has long been one of our favorite password managers. It's our upgrade pick for all the extra features it offers compared to other password managers. 1Password has apps that work just about everywhere, including on macOS, iOS, Android, Windows, Linux, and ChromeOS. There are plug-ins for your favorite web browser too, which makes it easy to generate and edit new passwords on the fly. What Are the Benefits of 1Password? There are also some very nice features in 1Password that you won't

Topics: 1password manager month password plan
Read More
Shop Amazon

Kerberoasting

news.ycombinator.com Matthew Green 2025-10-08 05:01:30

I learn about cryptographic vulnerabilities all the time, and they generally fill me with some combination of jealousy (“oh, why didn’t I think of that”) or else they impress me with the brilliance of their inventors. But there’s also another class of vulnerabilities: these are the ones that can’t possibly exist in important production software, because there’s no way anyone could still do that in 2025. Today I want to talk about one of those ridiculous ones, something Microsoft calls “low tech

Topics: microsoft network password service using
Read More
Shop Amazon

A security incident that may involve your Plex account information

news.ycombinator.com Unknown 2025-10-08 20:00:23

We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure. What happened An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, securely hashed passwords and authentication

Topics: account password plex security sign
Read More
Shop Amazon

Plex tells users to change their passwords after data breach

engadget.com Unknown 2025-10-10 06:26:35

The Plex streaming platform has experienced a security breach and is telling customers to change their passwords "immediately." They also suggest that users enable two-factor authentication and sign out of any connected devices that are currently logged in. The company says a database was accessed by an “an unauthorized third party” and that some customers had their emails, usernames and hashed passwords exposed. As indicated, the breach involved hashed passwords, which are scrambled through an

Topics: breach currently passwords plex says
Read More
Shop Amazon

Plex urges users to change passwords after data breach

techcrunch.com Zack Whittaker 2025-10-10 14:47:22

Streaming giant Plex is urging its customers to change their passwords after it disclosed a data breach of one of its user databases. The company said in a post on Monday that it was aware of a security incident involving the theft of Plex customer account information, including user names, email addresses, scrambled passwords, and unspecified authentication data. Plex said while the passwords were scrambled in a way that made them unreadable to humans, it’s unclear if the passwords can be dec

Topics: breach company data passwords plex
Read More
Shop Amazon

Another Plex data breach sees company urge users to change their password

9to5mac.com Ben Lovejoy 2025-10-10 18:36:15

A Plex data breach in 2022 exposed usernames, email addresses, and encrypted passwords. The company required all users to change their passwords as a precaution, and now history seems to be repeating itself. The company is again emailing users, using virtually identical wording to describe to report a new data breach with the same data obtained … 2022: A third-party was able to access a limited subset of data that includes emails, usernames, and encrypted passwords. 2025: An unauthorized th

Topics: change data password passwords plex
Read More
Shop Amazon

It’s time to change your Plex password again

theverge.com Thomas Ricker 2025-10-11 04:44:04

Dear Plex User, We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; however, action is required from you to ensure your account remains secure. What happened An unauthorized third party accessed a limited subset of customer data from one of our databases. While we quickly contained the incident, information that was accessed included emails, usernames, and securely hashed passw

Topics: account password plex reset security
Read More
Shop Amazon

Plex tells users to reset passwords after new data breach

bleepingcomputer.com Unknown 2025-10-11 03:03:02

Media streaming platform Plex is warning customers to reset passwords after suffering a data breach in which a hacker was able to steal customer authentication data from one of its databases. In a data breach notification seen by BleepingComputer, Plex says the stolen data includes email addresses, usernames, securely hashed passwords, and authentication data. "An unauthorized third party accessed a limited subset of customer data from one of our databases," reads the Plex data breach notifica

Topics: breach data log passwords plex
Read More
Shop Amazon

Plex Security Incident

news.ycombinator.com Unknown 2025-10-11 10:11:31

‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ Dear Plex User, We have recently experienced a security incident that may potentially involve your Plex account information. We believe the actual impact of this incident is limited; howev

Topics: account password plex reset security
Read More
Shop Amazon

Apple @ Work: How EasyLAPS secures local admin accounts on macOS

9to5mac.com Bradley C 2025-10-13 00:00:00

Apple @ Work is exclusively brought to you by Mosyle, the only Apple Unified Platform. Mosyle is the only solution that integrates in a single professional-grade platform all the solutions necessary to seamlessly and automatically deploy, manage & protect Apple devices at work. Over 45,000 organizations trust Mosyle to make millions of Apple devices work-ready with no effort and at an affordable cost. Request your EXTENDED TRIAL today and understand why Mosyle is everything you need to work with

Topics: apple device easylaps management password
Read More
Shop Amazon

1Password vs. NordPass: I tested both password managers, and here's the best pick

zdnet.com Emily Long 2025-10-14 22:51:00

1Password and NordVPN/ZDNET A password manager is an essential tool for generating, securely storing, and accessing credentials and other sensitive personal data across your devices, whether you need to log into your bank or fill out your information during online checkout. The best password management tools on the market do this seamlessly, but they have a range of features to meet varying user needs at different price points. In our head-to-head comparison of two of our favorite password man

Topics: 1password managers nordpass password user
Read More
Shop Amazon

7 Best Password Managers (2025), Tested and Reviewed

wired.com Scott Gilbertson 2025-10-14 22:00:00

Even the best password managers are the vegetables of the internet. We know they’re good for us, but most of us are happier snacking on the password equivalent of junk food. For nearly a decade, that’s been “123456” and “password”—the two most commonly used passwords on the web. The problem is, most of us don’t know what makes a good password and aren’t able to remember hundreds of them anyway. The safest (if craziest) way to store your passwords is to memorize them all. (Make sure they are lon

Topics: bitwarden manager passkeys password passwords
Read More
Shop Amazon

1Password vs. NordPass: Which password manager is best?

zdnet.com Emily Long 2025-10-15 10:00:18

1Password and NordVPN/ZDNET A password manager is an essential tool for generating, securely storing, and accessing credentials and other sensitive personal data across your devices, whether you need to log into your bank or fill out your information during online checkout. The best password management tools on the market do this seamlessly, but they have a range of features to meet varying user needs at different price points. In our head-to-head comparison of two of our favorite password man

Topics: 1password managers nordpass password user
Read More
Shop Amazon

I'm ditching passwords for passkeys for one reason - and it's not what you think

zdnet.com David Gewirtz 2025-10-19 14:47:00

Elyse Betters Picaro / ZDNET Follow ZDNET: Add us as a preferred source on Google. ZDNET's key takeaways Adoption of passkeys is fragmented across sites and devices. Users still need passwords for recovery and new device setup. Phishing protection makes passkeys worth adding, despite confusion. OK. Fine. I've finally decided to embrace passkeys. But why does it feel so icky? As you probably know, passkeys are the tech industry's answer to The Password Problem. Unlike password data, which

Topics: authentication passkey passkeys password sites
Read More
Shop Amazon

What Is a Passkey? Here’s How to Set Up and Use Them (2025)

wired.com Jacob Roach 2025-10-20 03:30:00

Passwords suck. They're hard to remember, but worse is playing the ever-evolving game of cybersecurity whack-a-mole with your most important accounts. That’s where passkeys come into play. The so-called “war on passwords” has taken off over the past two years, with titans like Google, Microsoft, and Apple pushing for a password-less future that the FIDO Alliance (a consortium made to “help reduce the world’s over-reliance on passwords”) has been trying to realize for over a decade. Like it or n

Topics: device key passkey passkeys passwords
Read More
Shop Amazon

Passkeys and Modern Authentication

news.ycombinator.com Unknown 2025-10-21 07:47:13

Passkeys and Modern Authentication There is an ongoing trend in the industry to move people away from username and password towards passkeys. The intentions here are good, and I would assume that this has a significant net benefit for the average consumer. At the same time, the underlying standard has some peculiarities. These enable behaviors by large corporations, employers, and governments that are worth thinking about. Attestations One potential source of problems here is the attestation

Topics: access google just passkeys password
Read More
Shop Amazon

Google’s new Passwords app just made it easier for me to ditch Chrome

androidauthority.com Unknown 2025-10-24 07:00:23

Megan Ellis / Android Authority I’ve been on a mission to de-Google my life as much as possible in an attempt to control how much information a single company has about me. While there are some essential Google services I will never part with, switching my browser from Chrome has been a priority. I slowly started doing this by trying out some of the best Chrome alternatives, finally settling on Brave. But I kept encountering hurdles as I tried to migrate everything to a new browser. Now that G

Topics: app chrome google manager password
Read More
Shop Amazon

High-severity vulnerability in Passwordstate credential manager. Patch now.

arstechnica.com Unknown 2025-10-27 18:46:43

The maker of Passwordstate, an enterprise-grade password manager for storing companies’ most privileged credentials, is urging them to promptly install an update fixing a high-severity vulnerability that hackers can exploit to gain administrative access to their vaults. The authentication bypass allows hackers to create a URL that accesses an emergency access page for Passwordstate. From there, an attacker could pivot to the administrative section of the password manager. A CVE identifier isn’t

Topics: access click credentials password passwordstate
Read More
Shop Amazon

Passwordstate dev urges users to patch auth bypass vulnerability

bleepingcomputer.com Unknown 2025-10-28 02:16:20

Click Studios, the company behind the Passwordstate enterprise-grade password manager, has warned customers to patch a high-severity authentication bypass vulnerability as soon as possible. Passwordstate works as a secure password vault that enables organizations to store, organize, and control access to passwords, API keys, certificates, and various other types of credentials via a centralized web interface. Click Studios says its Passwordstate password manager is used by over 370,000 IT prof

Topics: click company customers passwordstate studios
Read More
Shop Amazon

Beyond GDPR security training: Turning regulation into opportunity

bleepingcomputer.com Unknown 2025-11-01 21:00:10

By Eirik Salmi, System Analyst at Passwork Even though 88% of businesses spend over €1 million on GDPR compliance and 40% invest up to €10 million, 80% of their employees still ignore basic password security practices. The formal risk is obvious: GDPR fines can reach up to €20 million or 4% of global annual turnover. The informal one is quieter but often far more damaging: lost trust, declining customer loyalty, and disrupted operations. In 2024, European regulators issued fines exceeding €1.2

Topics: gdpr password real security training
Read More
Shop Amazon

Google just made it a whole lot easier to access Password Manager

androidauthority.com Unknown 2025-11-09 05:41:27

Mishaal Rahman / Android Authority TL;DR Google has launched a new Password Manager app. The app makes it faster and easier to access Password Manager on your phone. The app does not come with a themed icon. For those times when you forget a password, you can always check Google Password Manager, which is built into your Android phone. And if you want to see if any of your passwords have been compromised, it can do that too. While Password Manager can be a pretty helpful tool, there isn’t re

Topics: app google manager new password
Read More
Shop Amazon

Major password managers can leak logins in clickjacking attacks

bleepingcomputer.com Unknown 2025-11-12 15:49:53

Six major password managers with tens of millions of users are currently vulnerable to unpatched clickjacking flaws that could allow attackers to steal account credentials, 2FA codes, and credit card details. Threat actors could exploit the security issues when victims visit a malicious page or websites vulnerable to cross-site scripting (XSS) or cache poisoning, where attackers overlay invisible HTML elements over the password manager interface. While users believe they are interacting with h

Topics: attack manager password tóth users
Read More
Shop Amazon

5 password managers you should use instead of LastPass

androidauthority.com Unknown 2025-11-18 14:00:30

Joe Hindy / Android Authority There was a time when LastPass was THE password manager everyone should be using. That statement still stands, but with one small twist: LastPass is now the number one password manager everyone should stay far away from. The reason for this? Multiple rounds of leaks and a series of security vulnerabilities. Give LastPass a hard pass, because there are so many better options available — ones that are both more secure and convenient — you’ll wonder why you didn’t sw

Topics: lastpass like manager password proton
Read More
Shop Amazon

275M patient records breached—How to meet HIPAA password manager requirements

bleepingcomputer.com Unknown 2025-11-28 23:57:05

In 2024, the healthcare sector experienced over 700 data breach incidents, which is higher than any other industry, including finance. These breaches exposed more than 275 million patient records, with password-related vulnerabilities serving as the primary attack vector in most of the cases. While threat actors use various penetration methods, compromised credentials remain the most consistent and damaging entry point. These statistics reflect a fundamental threat to patient and organizationa

Topics: healthcare hipaa organizations password security
Read More
Shop Amazon

7 password managers to help keep your apps safe

theverge.com Barbara Krasnoff 2025-12-02 04:00:00

is a reviews editor who manages how-tos and various projects. She’s worked as an editor and writer (and occasional sci-fi author) for more years than she cares to admit to. Posts from this author will be added to your daily email digest and your homepage feed. Passwords still seem to be the most popular method of ensuring that the right person is using the right app or service, despite the slow adoption of passkeys, which are considered more secure. And because we should be using different one

Topics: free password passwords version year
Read More
Shop Amazon
Trending Topics
Hot Now
ai 3672 apple 3045 new 2421 google 2039 content 1738
Popular
like 1508 company 1433 pro 1341 iphone 1181 app 1134 zdnet 1119 said 1072 data 1055 does 912 reviews 897
Emerging
editorial 876 amazon 864 game 811 samsung 781 phone 768 pixel 762 android 743 just 725 users 689 available 687
About GoKawiil

GoKawiil is a project by nerdhub.co that curates technology news from trusted sources. We built this site to provide a cleaner, more mobile-friendly experience without intrusive ads or heavy JavaScript.

Privacy

Your privacy matters. GoKawiil doesn't use Google Analytics or Facebook Pixel. The only tracking occurs through affiliate links to Amazon.

Advertising

Interested in advertising? Contact us at [email protected]