As of June 4, Microsoft will disable the master password feature in Edge, replacing it with device-based authentication such as Windows Hello, which includes PINs, fingerprint scans, and facial recognition.
Tag: password
AI, Global Security News
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Password manager Dashlane has disclosed that “fewer than” 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an “external” threat actor launched a brute-force attack against certain Dashlane user accounts with the aim of breaking two-factor…
AI, Global Security News
Meta AI customer support tricked into forwarding password reset codes
Cybercriminals engaged with Meta’s AI chatbot, convincing it to initiate a password reset sequence for a user’s account without proper identity verification.
AI, Global Security News
Brute-force attack triggers Dashlane account lockouts
Password manager Dashlane has confirmed that a brute-force attack targeting user accounts triggered temporary account suspensions and authentication issues. The company first acknowledged the incident on May 31 after users reported receiving account suspension emails and experiencing login problems. “Your account has been temporarily suspended for security reasons as someone has attempted to register a…
AI, Global Security News
Proton Pass adds monitored credential sharing for AI agents
Proton Pass, a secure, end-to-end encrypted password manager, added credential sharing through AI access tokens, allowing users to give AI agents access to selected items and monitor activity. To gain access, an agent must provide a reason for the request so users can see what actions are being performed. Access tokens are available with Pass…
Global Security News
Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes
Qualys finds nine-year-old Linux ptrace flaw exposing SSH keys and password hashes locally
AI, Global Security News
Why Changing Passwords Doesn’t End an Active Directory Breach
Resetting a password doesn’t always remove attackers from Active Directory. Specops Software explains how cached credentials and Kerberos tickets can keep attackers authenticated after a reset. […]
AI, Data Breaches, Global Security News, Network Security
World Password Day 2026: Passwords Still Matter (Whether We Like It or Not)
World Password Day 2026: Passwords Still Matter (Whether We Like It or Not) Every year, World Password Day comes around and we all pretend we’ve moved beyond passwords. We haven’t. Passwords are still everywhere. Still fragile. Still one of the easiest ways into an environment. And despite all the talk about passkeys and passwordless futures,…
AI, Apps, Cybersecurity, Data Breaches, Endpoint, Global Security News, Risk Management
World Password Day 2026: Why Strong Passwords Alone Are No Longer Enough
Every year, World Password Day reminds individuals and organizations to create stronger passwords, avoid password reuse, and enable multi-factor authentication (MFA). While these practices remain important, new research from Proton suggests that traditional password security advice is no longer enough to protect modern businesses from cyber threats. Key Takeaways Despite 92% of small businesses investing…
AI, Exploits, Global Security News, malware, Risk Management
Edge browser leaves passwords exposed in plain text, says researcher
A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses. Tom Jøran Sønstebyseter Rønning found that passwords are being saved within the browser in plain text, with the effect that any PC, particularly a shared machine, within an organization is a potential risk. In a…
AI, Exploits, Global Security News, malware, Risk Management
Edge browser leaves passwords exposed in plain text, says researcher
A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses. Tom Jøran Sønstebyseter Rønning found that passwords are being saved within the browser in plain text, with the effect that any PC, particularly a shared machine, within an organization is a potential risk. In a…
Cybersecurity, Data Breaches, Global Security News
11 Password Management Mistakes You Should Avoid
Today, we will show you the 11 password management mistakes you should avoid. We all know the importance of keeping our passwords safe. According to the 2019 Verizon Data Breach Investigations Report (DBIR), passwords are still a major security challenge. The data showed that 80% of hacking-related data breaches involved passwords. It isn’t easy to…
AI, Global Security News
Is a $30,000 GPU Good at Password Cracking?
A $30,000 AI GPU doesn’t outperform consumer GPUs at password cracking. Specops explains why attackers don’t need exotic hardware to break weak passwords. […]
AI, Global Security News
7 Ways to Prevent Privilege Escalation via Password Resets
Password resets are often weaker than login security, making them a prime target for privilege escalation. Specops Software explains how attackers abuse reset workflows and how to secure them. […]
AI, Data Breaches, Global Security News
Why Password Audits Miss the Accounts Attackers Actually Want
Password audits often focus on complexity rules but miss the accounts attackers actually target. Specops Software explains how breached passwords, orphaned users, and service accounts can leave organizations exposed. […]
AI, Global Security News
Fake LastPass support email threads try to steal vault passwords
Password management software provider LastPass is warning users of a phishing campaign targeting its users with fake unauthorized account access alerts. […]
AI, Global Security News
Researchers Demonstrate 27 Attacks Against Major Password Managers
Researchers demonstrate multiple attacks against major password managers, showing how compromised servers and design flaws can expose encrypted vault data.
AI, Global Security News
Design weaknesses in major password managers enable vault attacks, researchers say
Can cloud-based password managers that claim “zero-knowledge encryption” keep users’ passwords safe even if their encrypted-vault servers are compromised? Researchers at ETH Zurich and Università della Svizzera italiana set out to answer that question, and the answer is (unfortunately) no. Attack paths against encrypted vaults Cloud-based password managers store users’s passwords in a password vault,…
AI, Global Security News
Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers
A new study has found that multiple cloud-based password managers, including Bitwarden, Dashlane, and LastPass, are susceptible to password recovery attacks under certain conditions. “The attacks range in severity from integrity violations to the complete compromise of all vaults in an organization,” researchers Matteo Scarlata, Giovanni Torrisi, Matilda Backendal, and Kenneth G. Paterson said.
AI, Cybersecurity, Global Security News, privacy, Risk Management
Oops! I auto-filled my password into a cookie banner
We unpack how some password managers can be tricked into coughing up your secrets, with a clickjacking sleight-of-hand, what website owners can do to prevent it, and how to lock down your personal password vault. Then we time-hop to the post-quantum scramble: “harvest-now, decrypt later”, Microsoft’s 2033 quantum-safe pledge, and whether your printer will survive…