I long for the future where I can safely assume my passwords are stolen.
posted by stoneweaver on Apr 29, 2013 - 20 comments

Mat Honan of Wired has a covetableTwitter username (@mat). Recently hackers tore his digital world apart in an attempt to commandeer it. Now he reflects: The age of the password has come to an end; we just haven’t realized it yet. And no one has figured out what will take its place. What we can say for sure is this: Access to our data can no longer hinge on secrets—a string of characters, 10 strings of characters, the answers to 50 questions—that only we’re supposed to know. The Internet doesn’t do secrets. Everyone is a few clicks away from knowing everything.
posted by rongorongo on Nov 16, 2012 - 75 comments

What are the most common and least common 4-digit PINs? Using data from recent password database leaks, an analysis of PINs. (via Schneier)
posted by fings on Sep 19, 2012 - 91 comments

Choosing good passwords - a straightforward real-world guide for the average user, by AusCERT. Also includes links out to a fun and informative piece on The Top 500 Worst Passwords of All Time, and more in-depth material aimed at the tech and security savvy, like this enjoyable conference talk: Security As If Your Life Depended On It (because it might!). So we can avoid becoming xkcd cartoons.
posted by philipy on Feb 26, 2012 - 71 comments

"One in three teens has shared a password with a friend or significant other." [more inside]
posted by jeffburdges on Jan 24, 2012 - 62 comments

In last week's post about the PSN security breach, several MeFites recommended LastPass for storing passwords. Well, yesterday they found some anomolous network traffic, and they're asking all users to update their master password. (Some notes from James Fallows of The Atlantic. One guy explaining why you shouldn't freak out. Ask MeFi: "What simple, secure, portable password and secure data management systems do you use?")
posted by epersonae on May 5, 2011 - 97 comments

A thread at Apple's Support site has popped up with frustrated users describing nearly identical iTunes account disruptions: up to hundreds of dollars of charges are being racked up by fraudulent buyers, using iTunes gift card balances and even credit card information to fund the purchases. [more inside]
posted by Khazk on Mar 9, 2011 - 71 comments

An anonymous hacking outfit called "Gnosis" has infiltrated Gawker Media, hijacking the front page and leaking the company's internal chat logs, source code, and content databases along with the usernames, email addresses, and passwords of over 1.3 million users (including Gawker staff). The attack, which was motivated by what the group describes as the "outright arrogance" with which the company's bloggers taunted anonymous imageboard 4chan (semi-previously), affects every site in the Gawker network, including Gizmodo, Kotaku, Lifehacker, Jezebel, Deadspin, Jalopnik, and io9. While most of the leaked passwords are encrypted, more than 200,000 of the simpler ones in the torrent file have been cracked, and the links between account names and email addresses are in plaintext for all to see. Since the integrity of Gawker's encryption methods remains in doubt, it is recommended that anyone who has ever registered an account on any Gawker property change their passwords immediately, especially if the same log-in information is used for other services.
posted by Rhaomi on Dec 12, 2010 - 312 comments

How secure is your password? If you're like some people, it's probably not secure enough. When did you last change yours?
posted by chuckdarwin on Jun 13, 2007 - 66 comments

Write down your password. Bruce Schneier, Author of Applied Cryptography and founder of Counterpane security is urging people to write down their passwords.
posted by delmoi on Jun 21, 2005 - 68 comments

Does it bug anyone else that if you have a MetaFilter account with cookies enabled, it automatically enters your password (which can be read in view source)???
Personally I think this is a very bad thing, as I've visited metafilter at the library a few times..
posted by Bane on Jun 28, 2000 - 15 comments