We’ve written about password reuse before, and we’ll be writing about it again. Password reuse—using the same password for multiple sites or services—is both rampant and dangerous. There is real evidence that people are getting robbed because they are reusing their passwords. Thieves systematically exploit reused password to pay for retail items or hijack accounts [...]

Yes, the stories are true, and no, this isn’t The Onion. People are, once again, displaying their affinity for tweeting photos of things that should never be tweeted. Let’s set the scene and put you in the shoes of a number of today’s (possibly young, possibly naïve) Twitter users: you get your first debit card, [...]

Having a Microsoft code signing certificate is the Holy Grail of malware writers. This has now happened.—Mikko Hypponen Unless you are a system administrator for a government institution in or around the Middle East you do not need to worry about Flame infecting your computer. Flame (also known as “Flamer” and “skywiper”) itself is not [...]

I am not giving anyone health advice. Instead, I’m going to use the example of the recent LinkedIn breach to talk about hashes and salt. Not the food, but the cryptology. Before you dive into this article, you should certainly review the practical advice that Kelly has posted first. Also Kelly’s article has more information [...]

Today it was reported LinkedIn had a password breach. This is the most frustrating sort of security problem, because even if you’re using all the security available on the longest most complex password you can generate, that doesn’t help if someone else gets ahold of it. As more and more services are offered online, and [...]

It seems that my ability to predict the future with respect to Mac malware is, indeed, on par with Digitime’s ability to predict anything. Just recently I wrote, “on the Mac, Leopard and Tiger are no longer being updated”. To prove me wrong (yeah, I’m sure that’s why they did it), Apple has just released [...]

I’ve been talking a lot lately about the importance of keeping systems up to date and the role this plays in keeping malware at bay. I even suggested that Mac users are particularly good at keeping there systems up to date. So if you’re on OS X 10.6 Snow Leopard or 10.7 Lion, please help [...]

It’s tough to make predictions, especially about the future. —Yogi Berra In Part 1 of this series I discussed how your 1Password data may (or may not) be threatened if your computer gets infected with some kind of malware, particularly Flashback. In Part 2, I reviewed the few simple things everyone should do to keep [...]

If you have been using Apple’s FileVault to encrypt your home folder on OS X, read on. There is an important security bug and action you should take. This is an Apple security issue that does not affect 1Password 3 or Knox for Mac, but it is an important enough issue that I’m announcing it [...]

Just the place for a Snark! I have said it twice: That alone should encourage the crew. Just the place for a Snark! I have said it thrice: What I tell you three times is true. —Lewis Carroll “The Hunting of the Snark” In Part 1 of this series I discussed how your 1Password data [...]