Welcome to The Dashlane Tech Check for February 24, 2017! I’ll help you catch up on all Dashlane-related news and the big news in the tech industry. And just for fun, I’ll include a useful lifehack that will keep you safe and secure all year long.
What in the (Security) World?
Here’s what made headlines this week in the world of digital identity, security, and privacy:
Report: CloudFlare Leaked Sensitive Data Across the Internet For Months
CloudFlare, a popular content delivery network used by more than 5.5 million websites, said on Thursday that it accidentally leaked customers’ sensitive information for months. According to Google Security Researcher, Tavis Ormandy, “private messages from major dating sites, full messages from a well-known chat service, frames from adult video sites, hotel bookings” were exposed by memory leakage issue, known technically as a buffer overrun.
After further investigation from our Security Team, we’ve confirmed that Dashlane’s password manager is not affected by this data leak since we are not a client of CloudFlare. You can read more about the “Cloud bleed” leak and how you can protect your accounts here.
Are we in a world beyond passwords? A CBS News poll investigates.
A recent CBS News poll found that roughly one in four people has to reset a computer password at least once a month. Former chief technology officer at the Federal Trade Commission, Lorrie Cranor, said “We have so many rules about how they have to be complicated, and hard to guess. And then we’re supposed to have a different one for every account we have, and we’re not supposed to write them down. And that’s just really difficult for people to deal with.” Read more.
Legislation to stop U.S. border agents from demanding passwords and logins is on the way
According to TechCrunch, Oregon Senator Ron Wyden wrote a letter to Homeland Security Secretary John Kelly and called for accountability around reports that U.S. Customs and Border agents are obtaining the passwords to locked devices that belong to detainees at the border. Invoking the Fourth Amendment, Wyden dismissed such practices as extralegal, lacking probable cause and a warrant required for such searches. Read more.
78 percent of IT Professionals have fallen victim to a phishing email, says survey.
A recent Centrify survey of IT professionals attending the RSA Conference found that 26 percent of respondents share passwords, and 78 percent have fallen victim to a phishing email. The survey also found that just 55 percent of respondents believe their company’s current technology investment is sufficient to ensure security. Read more.
Yahoo Warns More Users That Their Private Information May Have Been Stolen
Following two major data breaches last year, Yahoo is warning some of its users that their accounts might have been breached by intruders using forged cookies, allowing them to access private information without knowing users’ passwords. Read more.
Data breach at LinkedIn’s Lynda.com affects 55,000 accounts
LinkedIn’s training site Lynda.com is notifying users of a database breach that includes the passwords of just under 55,000 accounts. All those passwords were “cryptographically salted and hashed” to prevent access the site says, but it’s resetting the logins just in case. Read more.
Dashlane News You Shouldn’t Snooze
Dashlane’s CEO offers expert advice on keeping users and their employers safe after the Yahoo data breaches
The East Bay Times discusses the Yahoo hack and recommends using a password manager, like Dashlane to keep users and their employers secure. They interviewed Dashlane CEO Emmanuel Schalit and other cybersecurity experts, who strongly recommend that people use a different password for every online account so that if one is hacked, as in the Yahoo breaches, it can’t be used to get into other accounts. Read more.
This Week’s Lifehack to Improve Your Security
With security bugs and data leaks making headlines, this is a perfect reminder to make sure your online accounts and personal information are protected at all times. To make sure all of your accounts are secured with a strong password, use Dashlane’s Security Dashboard to help you monitor and improve the strength of your passwords. We show you how in 5 easy steps!
Have any thoughts on any of the news I shared? Leave me a comment below and make sure to visit our blog next week for another edition of The Dashlane Tech Check. ?
Also, don’t forget to follow us on Twitter to always be in the know! In our last Tech Check, the Atlantic asked: “When did cyber security become so political?” and David Beckham’s email was hacked in an alleged blackmail scheme!