Two-factor authentication is an extra layer of security for your Apple ID designed to ensure that you’re the only person who can access your account, even if someone knows your password.
With two-factor authentication, your account can only be accessed on devices you trust, like your iPhone, iPad, or Mac. When you want to sign in to a new device for the first time, you’ll need to provide two pieces of information—your password and the six-digit verification code that’s automatically displayed on your trusted devices. By entering the code, you’re verifying that you trust the new device. For example, if you have an iPhone and are signing into your account for the first time on a newly purchased Mac, you’ll be prompted to enter your password and the verification code that’s automatically displayed on your iPhone.
Because your password alone is no longer enough to access your account, two-factor authentication dramatically improves the security of your Apple ID and all the personal information you store with Apple.
Once signed in, you won’t be asked for a verification code on that device again unless you sign out completely, erase the device, or need to change your password for security reasons. When you sign in on the web, you can choose to trust your browser, so you won’t be asked for a verification code the next time you sign in from that computer.
Source: Two-factor authentication for Apple ID – Apple Support
People love to use the same password over and over again, or they invent some amazing scheme like the same single word followed by their birth year, or replacing a’s with 4’s. And no matter how many password database get hacked the idea that password security matters doesn’t seem to really sink in.
When I do get someone to listen I tell them to use diceware generated passwords and them write them down in a little book and guard the book jealously (actually, I tell them to use a password manager but most people seem to balk at using software I think for fear of losing their passwords).
But then they often ask the sensible question: “What if someone steals that book?” And so I suggest a ‘two factor’ solution.
Continue reading: Two factor paper passwords | John Graham-Cumming
Hospitals, school districts, state and local governments, law enforcement agencies, small businesses, large businesses—these are just some of the entities impacted recently by ransomware, an insidious type of malware that encrypts, or locks, valuable digital files and demands a ransom to release them.
FBI offers tips to protect yourself and your organization from this growing threat.
Source: FBI — Incidents of Ransomware on the Rise
A man is held in prison for seven months after failing to decrypt two hard drives that investigators suspect contain indecent images of children.
A court order says the man will remain jailed “until such time that he fully complies” with an order to unlock the password-protected devices.
The US man, who has not been charged with possessing illegal images, is appealing against his detention.
Source: Man jailed for failing to decrypt hard drives – BBC News
At some point in your life, you will likely have assets and investments that you need to make arrangements for in the event of your passing. You may also have children, spouses or other loved ones who need to be looked after if something happens to you. And at some point, you may need to care for a spouse or close family member, or put their affairs in order after they pass on.
Nothing can spare us the heartache of these life events, but you can prevent unnecessary difficulties and stress by planning ahead. When preparing a will, many of us focus on our monetary and physical assets. But what about social media accounts? Or email addresses? Or the myriad of online accounts we use to manage our lives, every day?
Making a “digital will” that includes passwords and other important digital details will go a long way in helping those who need to settle your affairs, or in helping you if you need to settle the affairs of others.
Source: Preparing a Digital Will for Your Passwords | The LastPass Blog
By Ben Gruber San Francisco, CA (Reuters) – Marc Newlin and Balint Seeber are checking how far apart they can be while still being able to hack into each other’s computers. It turns out its pretty far – 180 meters – the length of a city block in San Francisco. The pair work for Bastille, a startup cyber security company that has uncovered a flaw they say leaves millions of networks and billions of computers vulnerable to attack. Wireless mice from companies like HP, Lenovo, Amazon and Dell use unencrypted signals to communicate with computers. “They haven’t encrypted the mouse traffic, that makes it possible for the attacker to send unencrypted traffic to the dongle pretending to be a keyboard and have it result as keystrokes on your computer.
Source: Wireless mice leave billions at risk of computer hack: cyber security firm
ESET researchers have discovered a new, ingenious, yet very simple Facebook phishing scheme: playable Android games that, before they are started, ask users to enter their Facebook credentials.
The researchers found two such games on Google Play. Cowboy Adventure, which has been downloaded and installed by half a million to a million Android users, and the less popular Jump Chess (1,000 – 5,000 installs). Both apps were offered for free.
Source: Popular Android games unmasked as phishing tools
Passwords have existed as a means of security for millennia. And for most of their history, they’ve worked as advertised. But now that society has transitioned to digital, a massive market for stolen data has sent security experts scrambling to put out fires, all the while pleading with their clients to make their passwords more secure.
There may be a way to keep passwords and the convenience they provide without requiring people to do significantly more work. It’s called multi-factor authentication and it makes passwords work better by authenticating something else in addition to the password. It could be device authentication, knowledge authentication or even biometric authentication.
Source: Is it time to finally get rid of the password? – Quartz
Own-Mailbox is a home-plugged personal email server, with strong privacy protection measures integrated at its core. It provides self-hosted email addresses, or connects with your existing email address. In both cases you can seamlessly send and receive encrypted emails from anywhere in the world, through Own-Mailbox webmail, Smartphone app, or through an external email software (Thunderbird, Outlook, …).
Own-mailbox, is very easy to set-up and use: as easy as a gmail account.
Own-mailbox automatically encrypts your emails with Gnu Privacy Guard, a strong encryption software, the same software as used by Edward Snowden.
Own-mailbox allows you to send and receive 100% confidential messages even with people who don’t use email encryption yet. For this purpose we introduce PLM, a new technique consisting in sending to your correspondent, a filtered and temporary HTTPS link, pointing to your private message hosted on your Own-Mailbox.
Source: Own-Mailbox, the first 100% confidential Mailbox.