Aladdin USB Key Makes Passwords Easier to Use (and Steal)

Passwords are one of the weakest links of online security. Or rather, people who have weak passwords are the weakest links. I personally know of a couple of people who use dead simple passwords because they’re afraid that if they use more secure but more complex ones, they’ll just forget those and end up locking themselves out of their own accounts. That’s the problem that the Aladdin is designed to solve.

Invented by Alvin Chang, the Aladdin is a small USB device that generates a random password and types it for you by emulating a USB keyboard. Used in the simplest way, it really does work like a physical key: plug it into your computer and it unlocks your account. But for those who want added security, you can also modify – and re-use – the alphanumeric string generated by Aladdin by adding or subtracting characters from it. Skip to about 1:20 in the video below for the demo:

Note that there are free software alternatives for managing secure passwords, such as LastPass and KeePass. Then there’s the security risk of losing the Aladdin or having it stolen from you. But if you just want to get in your Facebook account the same way you get in your house, pledge at least $20 (USD) on its Indiegogo fundraiser to reserve an Aladdin.

[via Gajitz]

Skype disables password reset page to deal with email-based security ‘vulnerability’ (update)

Skype has taken down its password reset page as it deals with a password reset exploit that can give suspicious types access to your account with only your email address. The issue was first spotted on Russian forums months earlier, but TNW has since been able to replicate the same, apparently easy to reproduce, vulnerability. Before Skype withdrew its password reset page, the only way to avoid the problem was to change your email address to something unknown by anyone. According to Skype’s Heartbeat status blog, it’s now investigating the issue further.

Update: Skype has released a second statement: “Early this morning we were notified of user concerns surrounding the security of the password reset feature on our website. This issue affected some users where multiple Skype accounts were registered to the same email address.

“We suspended the password reset feature temporarily this morning as a precaution and have made updates to the password reset process today so that it is now working properly. We are reaching out to a small number of users who may have been impacted to assist as necessary.”

Skype disables password reset page to deal with email-based security ‘vulnerability’ (update) originally appeared on Engadget on Wed, 14 Nov 2012 05:42:00 EDT.

Password of the future: Your eye movement

Do you remember the nonchalant manner in which Loki obtained an eyeball at a ball (sorry, I just could not resist that) in the Avengers? Well, biometric security measures are not exactly the newest kid on the block when it comes to data security, but there has been progress made in this department, with the latest kind of password requiring you to look into a camera, and when the camera detects the right kind of eye movements, it will unlock the computer or device. In a nutshell, passwords of the future could very well be your eye movement, now how about that? It is also safer for your eyeball, since there is no need for a thieving mind to actually gouge out your eyeball as that would be pretty much as useful as using the Apple Maps app on your iPhone 5 to search for public transport schedules.

By Ubergizmo.

This is the Modem World: I hate passwords

Each week Joshua Fruhlinger contributes This is the Modem World, a column dedicated to exploring the culture of consumer technology.

I get it: The Internet is a dangerous place. People want my stuff. There are bad people out there, yadda yadda yadda.

But the password requirements and security verification processes in place are Kafkaesque, mind-bending, and straight-up annoying.

Every time I need to access my online mortgage account, I am forced to reset my password because, without fail, I enter the wrong one three times. I couldn’t tell you what my Apple ID is because it has an even itchier verification trigger finger, especially when you have more than one device accessing the same account. Get it wrong on one, and all your devices are borked.

This is the Modem World: I hate passwords originally appeared on Engadget on Wed, 26 Sep 2012 18:15:00 EDT.

Amazon, Apple stop taking key account changes over the phone after identity breach

By now, you may have heard the story of the identity ‘hack’ perpetrated against Wired journalist Mat Honan. Using easily obtained data, an anonymous duo bluffed its way into changing his Amazon account, then his Apple iCloud account, then his Google account and ultimately the real target, Twitter. Both Amazon and Apple were docked for how easy it was to modify an account over the phone — and, in close succession, have both put at least a momentary lockdown on the changes that led to Honan losing much of his digital presence and some irreplaceable photos. His own publication has reportedly confirmed a policy change at Amazon that prevents over-the-phone account changes. Apple hasn’t been as direct about what’s going on, but Wired believes there’s been a 24-hour hold on phone-based Apple ID password resets while the company marshals its resources and decides how much extra strictness is required.

Neither company has said much about the issue. Amazon has been silent, while Apple claims that some of its existing procedures weren’t followed properly, regardless of any rules it might need to mend. However the companies address the problem, this is one of those moments where the lesson learned is more important than the outcome. Folks: if your accounts and your personal data matter to you, use truly secure passwords and back up your content. While Honan hints that he may have put at least some of the pieces back together, not everyone gets that second chance.

Amazon, Apple stop taking key account changes over the phone after identity breach originally appeared on Engadget on Tue, 07 Aug 2012 23:40:00 EDT.

Nuance Wants Voice Recognition To Take Over Your Entire Phone [Video]

Nuance’s voice recognition software already crops up in plenty of places—most famously to power Siri, but also in standalone app Dragon Go!, some smart TVs, and even cars. Now, though, Nuance is planning to have its software power each and every app you use.

Dropbox Admits Spam Was Due to Security Breach [Dropbox]

In mid-July, Dropbox users reported receiving spam in email accounts created exclusively for the service. Now, the company has admitted that, while it wasn’t hacked, the problem was the result of a security breach.

Scientific Security: Storing Passwords in Your Subconscious [Security]

While creating a secure password isn’t all that difficult, remembering it often is. And while you could use a manager like 1password, here’s a new idea proposed by a team of scientists: try storing them in your subconscious memory instead.

Microsoft fights back against Xbox Live account threats, begs you to update your security settings

Redmond’s console gaming network may not have suffered a breach of security comparable to last year’s PSN fumble, but that doesn’t mean it hasn’t braced for impact. According to Xbox Live General Manager Alex Garden, Microsoft has made great strides in account security by taking legal action against sites that share phished usernames and passwords, enacting two-step login verification for untrusted devices and pushing fresh security updates to devices. Even so, Garden says that many of Xbox Live’s account protection measures rely on member profiles being up to date, and heartily encourages users to make sure their security information is accurate. Get the word directly from the horse’s mouth at the source link below.

Microsoft fights back against Xbox Live account threats, begs you to update your security settings originally appeared on Engadget on Thu, 19 Jul 2012 08:01:00 EDT.

NVIDIA Developer Zone shut down, may have been hacked

Bad news from the land of Tegra. NVIDIA has shut down its Developer Zone forums after noticing what it calls “attacks on the site by unauthorized third parties.” While the nature of the attacks isn’t clear, what’s troubling is that these attackers “may have gained access to hashed passwords.” Users are of course encouraged to change their secret codes and, with all the hackery going on lately, we might recommend you just go ahead and change them all — just in case.

[Thanks, Alfredo]

NVIDIA Developer Zone shut down, may have been hacked originally appeared on Engadget on Fri, 13 Jul 2012 07:09:00 EDT.