Blog Archives

Your passwords are bad

Choosing an effective password that’s easy to remember and type, as well as hard to guess for would-be fraudsters, is a perennial problem. But it’s one that the folks at Microsoft Research are trying to tackle with an experimental tool called Telepathwords.

Armed with an arsenal of data on common passwords and password-setting habits, the team built a tool that detects how vulnerable your password is by trying to guess the next letter as you type it.

You can visit the project site for yourself and see how predictable your own passwords are. For example, if you think a clever password would be p@$$w0rd, think again – the tool guesses it right instantly. If your password is zxserisljeerouiaer2345, on the other hand, its telepathic propensity flounders.

via The Next Web.

Apple’s claim that iCloud can store passwords “only locally” seems to be false

An Apple support document describing the company’s new iCloud Keychain makes a surprising claim that it can sync passwords across devices without ever storing them in the cloud.

If true, this would be an important advance in password management, allowing users to create long, complicated passwords on one device and have the passwords automatically sync to their other devices, but without storing data on Apple’s servers.

Today, most password managers sync data across devices by storing the data in a cloud service. There are ways to sync passwords directly among devices without cloud storage—for example, with a Wi-Fi sync option in the latest versions of 1Password. However, this requires some extra steps that reduce the convenience a good password manager offers.

via Ars Technica.