Aral Balkan
boosted
Louvre surveillance system #password was LOUVRE
Louvre surveillance system #password was LOUVRE
Ben Ramsey
boosted
I took the time to update https://packagist.org/packages/stella-maris/nist-password to the latest version of the NIST specs regarding passwords. It's now also tested on PHP8.1 through PHP8.5
If you are looking for a library to make sure your passwords are compliant to the latest security rules, this might be for you.
Feel free to open an issue when you're missing something.
I took the time to update https://packagist.org/packages/stella-maris/nist-password to the latest version of the NIST specs regarding passwords. It's now also tested on PHP8.1 through PHP8.5
If you are looking for a library to make sure your passwords are compliant to the latest security rules, this might be for you.
Feel free to open an issue when you're missing something.
ajuvo ✔
boosted
Oh, yeah! #Plex got hacked!
They SAY passwords were hashed, but PLEASE #reset your plex #password and force a sign-out on ALL devices using their interface as follows:
When doing so, there's a checkbox to "Sign out connected devices after password change," which we recommend you enable.
Irritating...especially cos they don't say WHEN this happened!
Oh, yeah! #Plex got hacked!
They SAY passwords were hashed, but PLEASE #reset your plex #password and force a sign-out on ALL devices using their interface as follows:
When doing so, there's a checkbox to "Sign out connected devices after password change," which we recommend you enable.
Irritating...especially cos they don't say WHEN this happened!
der.hans
and 1 other
boosted
#McDonald’s #AI Hiring #Bot Exposed Millions of Applicants’ Data to Hackers Who Tried the #Password ‘123456’
Basic #security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm https://Paradox.ai.
https://www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/
https://archive.ph/1Y8Oq
#ITSec
Basic #security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm https://Paradox.ai.
https://www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/
https://archive.ph/1Y8Oq
#ITSec
#McDonald’s #AI Hiring #Bot Exposed Millions of Applicants’ Data to Hackers Who Tried the #Password ‘123456’
Basic #security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm https://Paradox.ai.
https://www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/
https://archive.ph/1Y8Oq
#ITSec
Basic #security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm https://Paradox.ai.
https://www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/
https://archive.ph/1Y8Oq
#ITSec
While I appreciate the #password requirements, I admit to being at a loss atm.
So is my @bitwarden 😅
Joel Michael
boosted
This dumb password rule is from Bendigo Bank.
Exactly eight characters.
https://dumbpasswordrules.com/sites/bendigo-bank/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
This dumb password rule is from Bendigo Bank.
Exactly eight characters.
https://dumbpasswordrules.com/sites/bendigo-bank/
#password #passwords #infosec #cybersecurity #dumbpasswordrules
If you have been looking for a password manager giving you full control over your data, KeePassium for iOS and macOS is a fantastic option.
https://www.privacyguides.org/articles/2025/05/13/keepassium-review/
#KeePassium #KeePass #PasswordManager #KeePassXC #Privacy #Security #Password #iOS #macOS #PrivacyGuides #Article
This World Password Day, it's important to remember these best practices for keeping your online accounts safe!
1. Use randomly generated, unique passwords for every website!
2. Use a password manager! Our website has many recommendations to take your pick from. It can seem a little intimidating at first, but trust us, it will make your digital life SO much easier going forward!
https://www.privacyguides.org/en/basics/passwords-overview/
#WorldPasswordDay #Security #Password #Privacy #PrivacyGuides
Of course, this new credentials checker in #swad needs a #tool to edit these #password files, that's currently work in progress.
I just implemented the class for reading a password, pretty simple thing from a pipe, but an "interesting" job from a #terminal. Turns out doing that portably, reliably and secure needs quite some code. 🙈
There's #getpass, but that's deprecated for good reasons (global state and not perfectly clear how it deals with #signals that could interrupt the input). And there's the sane replacement #readpassphrase in some systems (e.g. #FreeBSD), but that's not portable. 🙃
So, plain old #tcsetattr it is, with some signal handling on top:
https://github.com/Zirias/swad/commit/447f48096fc275a5bae113393ffe9a3cbc66cc95
So, Cloudflare analyzed passwords people are using to log in to sites they protect and discovered lots of re-use.
Let me put the important words in uppercase.
So, CLOUDFLARE ANALYZED PASSWORDS PEOPLE ARE USING to LOG IN to sites THEY PROTECT and DISCOVERED lots of re-use.
[Edit with H/T: https://benjojo.co.uk/u/benjojo/h/cR4dJWj3KZltPv3rqX]
https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/