Bad password practices. Data scraping and data dumps. Sidestepping privacy protections. No honor among thieves.

At a glance.

  • Password users behaving badly.
  • Implications of the Facebook data dump.
  • Sidestepping Apple privacy policies.
  • Crooks mistreating other crooks.
  • Comment on the LinkedIn data scraping incident.

Passwords: out of sight, out of mind. (And out of control.)

There’s a battle raging between two conflicting forces: the need for secure passwords, and the frailty of human memory. The LastPass Blog explores the results of a recent survey it conducted of two thousand Americans and their password habits. While 70% feel they have too many passwords to remember, on average they use the same password over six sites. And with the surge in remote work meaning most individuals need to access various accounts on multiple devices, 65% experience anxiety when they realize they’re using a device that doesn’t have the password they need. SiliconANGLE notes that, according to the Workplace Password Malpractice Report, 62% of US employees write their passwords down on a piece of paper. TechRadar adds that a whopping 81% store that piece of paper right next to the device the password is meant to protect, and 67% admit they don’t even know where that paper is. Nearly half store their passwords in an unprotected document in the cloud, and troublingly, nearly two-thirds have shared their password with someone via text or email.

What does the Facebook data leak mean for Facebook users?

Now that the Facebook data leak is front-page news, the big question has become, what can users do if they fear they’re among the half-billion individuals exposed? Forbes explores the difficulty of trying to protect oneself in this type of situation. If it were just passwords that were exposed, changing login info would be an easy fix. But these hackers leaked data like names, birthdates, and addresses — things that are difficult to change on a whim — and all for free. 

CyberNews shares the views of several industry experts. “Putting it out for free also provides some cover should anyone try to trace the stolen data back to its source. Yet another explanation could be that a competing criminal element or other entity put the data out there to demonetize it and take value away from the criminals,” said…