Password Management

Facebook Patches Password Reset Vulnerability

Facebook has patched a vulnerability that could have allowed a malicious user to bypass certain security restrictions, according to Sow Ching Shiong, an independent security researcher who discovered the flaw on the popular social network earlier this week.

The U.S. Chamber of Commerce held a press conference this morning to unveil details surrounding a National Strategy for Trusted Identities in Cyberspace, or NSTIC as they are calling it.

While the press conference was somewhat vague in terms of specifics, the initiative appears to be designed to build a voluntary transactional ecosystem of trust between businesses and individuals online, or, more generally between anyone or thing attempting to transmit money, goods, or ideas online.

Guest editorial by Alex Rothacker Most users are aware of the risks connected to the default, blank and weak username/password combinations associated with most applications. Yet it amazes the research community that many companies still don’t heed the following simple advice:1) Don’t use easily guessed passwords. 2) Change the default credentials that ship with your apps, and 3) Please do not just leave the passwords blank! 

Researchers at the University of Cambridge Computer Laboratory, say the
3D Secure (3DS) authentications system branded as the “Verified by
Visa” and “MasterCard SecureCode” schemes are “a text book example of
how not to design an authentication protocol.” Read the full article. [The H Security]

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.