Hacker News with Generative AI: Passwords

An update on improving passkey support in Linux (iinuwa.xyz)
With the announcements from big companies at World Password Day about passkeys, I thought I should share what I've been working on for passkey support on Linux.

Security, Linux, Passwords, Web Authentication

7 points by K7PJP 35 days ago | 1 comments

Passphrases made with slang, band names, movie titles, insults, and jobs (slang45.com)
73 Billion-ish combinations possible. It's like listening to your drunk uncle explain something Carl Sagan said.

Security, Passwords, Language, Humor

4 points by geocrasher 37 days ago | 1 comments

Write your passwords down (2010) (jgc.org)
Here's my advice on password security based on the collected opinions of others:1. Write them down and keep them in your wallet because you are good at securing your wallet. (ref)2. Use different passwords on every web site because if you don't one site hacked = all your accounts hacked. (ref)3. Use passwords of at least 12 characters. (ref)4. Use mixed-case, numbers and special characters.

Security, Passwords, Web Security, Humor, Advice

10 points by Tomte 39 days ago | 0 comments

Microsoft's new "passwordless by default" is great but comes at a cost (arstechnica.com)
Microsoft says it’s making passwordless logins the default means for signing in to new accounts, as the company helps drive an industry-wide push to transition away from passwords and the costly security problems they have created for companies and their users.

Security, Microsoft, Passwords

33 points by tatersolid 56 days ago | 28 comments

Microsoft Makes New Accounts Passwordless by Default (microsoft.com)
Happy World Passkey Day!

Security, Microsoft, Passwords

4 points by m463 56 days ago | 0 comments

Microsoft makes all new accounts passwordless by default (bleepingcomputer.com)
Microsoft has announced that all new Microsoft accounts will be "passwordless by default" to secure them against password attacks such as phishing, brute force, and credential stuffing.

Security, Microsoft, Accounts, Passwords

8 points by XzetaU8 56 days ago | 1 comments

Google Chrome 136 automatically upgrades your accounts to use passkeys (lapcatsoftware.com)
Chrome version 136.0.7103.49, released today by Google, includes a new setting in its Password Manager (chrome://password-manager/settings).

Security, Browsers, Passwords, Google

25 points by Wowfunhappy 59 days ago | 10 comments

Toward a Passwordless Future (privacyguides.org)
Passwords are annoying, vulnerable to attack, and prone to human error. The multitude of issues with passwords has cost millions of dollars and forced terrible band-aid solutions in how we handle signing up for, logging in to, and securing online accounts. I'd like to break down some of these design paradigms that have entrenched themselves in our lives and how passkeys can lead to more secure and private online accounts.

Security, Passwords, Privacy, Online Accounts, Design

29 points by freddyym 111 days ago | 66 comments

Tell HN: The most recent Chrome update seems to have deleted all my passwords (ycombinator.com)
I typically run two browsers - my default for most web surfing, and Chrome for when I need to access /be logged into Google services, do financial transactions etc.

Web Browsers, Security, Chrome, Passwords, User Experience

4 points by anigbrowl 115 days ago | 1 comments

Magic Links Have Rough Edges, but Passkeys Can Smooth Them Over (rmondello.com)
Independent media venture 404 Media recently published a post titled, “We Don’t Want Your Password”. The piece is a cogent explanation of the problems with password-based accounts online followed by a defense of the website’s login strategy, magic links, in the face of feedback about them being inconvenient and difficult to use.

Web Security, User Experience, Passwords, Authentication, Magic Links

50 points by mooreds 173 days ago | 57 comments

Microsoft won't let customers opt out of passkey push (theregister.com)
Microsoft last week lauded the success of its efforts to convince customers to use passkeys instead of passwords, without actually quantifying that success.

Microsoft, Passkeys, Security, Passwords

7 points by ajdude 190 days ago | 1 comments

LastPass hacked, users see millions of dollars of funds stolen (techradar.com)

Cybersecurity, Data Breaches, Passwords, Financial Crime

11 points by belter 192 days ago | 3 comments

Apple Releases iCloud Passwords Add-On for Firefox (macrumors.com)
Apple now has a dedicated iCloud Passwords add-on designed for the Firefox browser, which means Firefox users can access passwords and logins stored in the Passwords app or iCloud Keychain when using Firefox on a PC or Mac.

Apple, Firefox, Security, Browsers, Passwords

57 points by frizlab 205 days ago | 15 comments

Will passkeys ever replace passwords? Can they? Here's why they should (theregister.com)
Will passkeys ever replace passwords? Can they?

Security, Passwords, Authentication, Technology

37 points by rntn 222 days ago | 79 comments

Becoming physically immune to brute-force attacks (2021) (seirdy.one)
This question might not be especially practical, but it’s fun to analyze and offers interesting perspective regarding sane upper-limits on password strength.

Security, Cybersecurity, Passwords

109 points by emurlin 246 days ago | 68 comments

Apple Passwords’ generated strong password format (rmondello.com)
This post briefly summarizes part of a talk I gave in 2018. All information in this post has been accessible on YouTube since then. There is no new information or news in this post.

Security, Passwords, Apple

436 points by tambourine_man 252 days ago | 268 comments

The War on Passwords Is One Step Closer to Being Over (wired.com)
“Passkeys,” the secure authentication mechanism built to replace passwords, are getting more portable and easier for organizations to implement thanks to new initiatives the FIDO Alliance announced on Monday.

Security, Passwords, Authentication, Technology

7 points by marban 256 days ago | 1 comments

New passkey specifications will let users import and export them (9to5mac.com)
Passkeys were introduced two years ago, and they replace traditional passwords with more secure authentication using a security key or biometrics. To make the technology even better, the FIDO Alliance published on Monday new specifications for passkeys, which ensure a way to let users import and export them.

Security, Passwords, Authentication, Web Security

5 points by alwillis 256 days ago | 2 comments

Coming soon: Securely import and export passkeys (1password.com)
Passkeys are superior to passwords in almost every way. They’re simpler to use because there’s nothing to memorize, type out, or paste in. They’re also always strong and come with multi-factor authentication built right in. In short, passkeys are awesome.

Security, Passwords, Authentication, Web Security

8 points by samcat116 256 days ago | 0 comments

Always have a comma in your password, if part of a leak it will break the CSV (toot.cafe)

Security, Data Breaches, Passwords

77 points by edward 267 days ago | 48 comments

NIST's New Password Guidelines Will Eliminate Periodic Changes and Special (socket.dev)
NIST (National Institute of Standards and Technology) is set to update its recommendations for authentication and authenticator management as part of a revision to its Digital Identity Guidelines.

Security, Technology, Passwords, NIST

11 points by feross 275 days ago | 1 comments

NIST to forbid requirement of specific passwords character composition (mastodon.social)

Security, Government Regulations, Passwords, Data Security, Privacy

266 points by riffraff 276 days ago | 134 comments

Passwords have problems, but passkeys have more (world.hey.com)
We had originally planned to go all-in on passkeys for ONCE/Campfire, and we built the early authentication system entirely around that. It was not a simple setup!

Security, Authentication, Passwords

49 points by duncans 291 days ago | 4 comments

What Is a Password Hash? (tuta.com)

Security, Cybersecurity, Passwords, Encryption

6 points by devonnull 304 days ago | 0 comments

Why most password requirements are silly. Also, here's our flavor (medium.com)

Security, Passwords, Cybersecurity

9 points by AnhTho_FR 308 days ago | 6 comments

Chrome will now prompt some users to send passwords for suspicious files (arstechnica.com)

Security, Web Browsers, Privacy, Passwords

33 points by ImJamal 336 days ago | 11 comments

About Passkey – the password-free tech Apple is betting on (fastcompany.com)

Technology, Passwords, Apple, Security, Privacy

29 points by gautamsomani 362 days ago | 37 comments

Apple unveils 'Passwords' manager app at WWDC 2024 (zdnet.com)

Apple, Passwords, Security, Mobile Apps, WWDC

390 points by drx 382 days ago | 744 comments

Ask HN: 1 passkey per device, or store it in password manager? (ycombinator.com)