Zenbleed: How the quest for CPU performance could put your passwords at risk
"You need to turn on a special setting to stop the code you wrote to stop the code you wrote to improve performance from reducing performance from reducing security."
Password security helps prevent unauthorized access, while weak or reused credentials can expose accounts, systems, and sensitive data.
Search across headline titles and summaries.
Background for this topic.
Passwords are secret strings used to verify identity and control access to accounts, devices, applications, and services. They remain a common authentication method, but their security depends mainly on secrecy, length, and uniqueness rather than predictable complexity rules. A password reused across services can expose multiple accounts if one service is compromised; short, common, or previously leaked passwords are more susceptible to guessing and automated credential-stuffing attacks.
Practical defenses include using a password manager to generate and store a distinct, long password for each service, blocking known compromised passwords, and enabling multi-factor authentication (MFA) where available. Organizations should protect stored passwords with slow, salted one-way hashing, restrict and monitor authentication attempts, and provide secure recovery processes. Password changes are most useful after suspected compromise or exposure, rather than as routine changes that encourage predictable variations. Security teams should also treat password databases and reset mechanisms as sensitive assets during vulnerability assessment and incident response.
Weekly headline count for the current query.
"You need to turn on a special setting to stop the code you wrote to stop the code you wrote to improve performance from reducing performance from reducing security."
Did you prevent password-only logins on your SSH servers? On ALL of them? Are you sure about that?
These malware peddlers are specifically going after Mac users. The hint's in the name: "Atomic macOS Stealer", or AMOS for short.
CryptBot criminals are alleged to have plundered browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and more.
Four straight-talking tips to improve your online security, whether you're a LifeLock customer or not.
"When those invitations went out... somehow, your password hash went out with them."
More supply chain trouble - this time with clear examples so you can learn how to spot this stuff yourself.
Latest episode - listen now!
Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough...
Latest episode - listen now!
Yes, passwords are going away. No, it won't happen tomorrow. So it's still worth knowing the basics of picking proper passwords.
Instagram scams don't seem to be dying out - we're seeing more variety and trickiness than ever...