Digits offered in Twitter's Fabric development kit, uses only a phone number
Twitter has started putting the pieces into place to distance users from password requirements with the announcement of Digits. The company unveiled the new platform at its first mobile developer conference in San Francisco today, as a part of its Fabric suite of development tools. Rather than relying on a username and password for every app, Digits uses a telephone number and text messages to confirm identities instead.
Dropbox updated to accommodate iOS 8
Cloud storage platform Dropbox has released an update for its iOS app, in light of the release of iOS 8. Dropbox allows users to store their files remotely, and its iOS app provides access to any file saved to one's cloud account. Dropbox v3.4 includes a restored automatic back-up functionality for iOS 8, which was briefly not working for those who installed the latest iOS release.
Passwords reset based on database comparison to leaked Gmail credentials
Fallout could still be on the way as a result of the collection of nearly five million Gmail username and password credentials leaked on a Russian Bitcoin forum, but for now at least one company is taking action. Automattic, the company responsible for the blogging platform WordPress, announced it has reset user passwords for more than 100,000 accounts based on the information contained in the list.
Google says there is no evidence of a breach, many logins are said to be outdated
Another credential scare has turned up online, this time for one of the world's largest free email services. The emails and passwords of around 4.66 million Gmail users have turned up on a Russian Bitcoin forum, traced backed to English, Russian and Spanish users of the service. It's not clear where or how the list was collected, but it is said that many of the logins are outdated.
Nearly 4.5 billion records in total collected, 542 million unique emails addresses
The New York Times reported earlier this week that a hacker group has collected 1.2 billion unique username and password credentials from 420,000 websites. The records, which were verified by a security firm, is thought to be one of the largest collections of Internet identity information reported. The publication had the data analyzed by another expert, who verified the authenticity of the collection but has not commented on the validity of the data.
About 76,000 email addresses, 4,000 encrypted passwords were publicly accessible
At the beginning of the month, Mozilla issued a release on its security blog that there had been an investigation into accidental disclosure of its database for the Mozilla Developer Network (MDN). The company discovered a problem after a web developer found out that the data sanitization process it runs on the MDN database had been failing. The result was that 76,000 email addresses of account holders, as well as the "passwords of about 4,000 users" were able to be accessed publicly.
Keeper Security offers new password manager to Mac users
Keeper Security published a press release Wednesday, announcing its launch of a new password manager for Mac. Keeper for Mac allows users to promptly sync their password records across all their devices. When login information is changed, these alterations are synced automatically. Also included is a 'sharing' feature, which allows users to grant access to specific Keeper records to other users.
Bolstered security follows large-scale attack on Evernote servers
Evernote has added three new security features to help its users keep their accounts safe. The inclusion of two-step authentication, access history, and authorized app management comes two months after the note-taking service suffered an attack by hackers, which forced the company to reset all passwords for its near 50-million user base.
Added note says password blacklist will be updated over time
A list containing passwords unusable on BlackBerry 10 devices has leaked. The list, containing what Research in Motion deems to be the most obvious passwords, appears to be designed to stop anyone from using easily-guessable passwords on the operating system. Though not a cure-all to every security threat, it does add some security by forcing users to choose more secure words, phrases, or codes than they would have previously used.
Apple, Samsung, Google engineer details in security breach
A researcher has discovered a security breach at a large professional organization for computer engineers. The Institute of Electrical and Electronics Engineers (IEEE) had left unencrypted usernames, passwords and activity of almost 100,000 of its members publicly viewable on an FTP server for the last month. Engineers from Apple, Google, IBM, Samsung, and NASA were affected, among others.
eWallet stores passwords, credit cards, accounts
Ilium Software has ported its password manager, eWallet 7.1, to the Mac platform. The software stores information with 256-bit AES encryption, tracking all of a user's passwords. eWallet owners can create complex, unique passwords instead of relying on one or two easy-to-remember combinations for financial websites. The software can also sync between a Mac and another computer or an iPhone, iPad or iPod touch. Users can store passwords, credit cards numbers, bank accounts, security verification questions and other sensitive information.
PDF Studio, CoolIris
TM Error Logger 1.2 (free) can display additional details related to Time Machine error messages. Whenever Time Machine reports an error one can use the software to find which file or folder caused the problem and be directly linked to that location in the Finder. Version 1.2 has added additional install instructions and fixed the Donate button for Intel Macs. [Download - 1.8MB]
Live Interior, PDFpen
ProteMac Meter 2.3 ($30) is a network-traffic logging application that allows users to monitor all Internet and network activity. A stopwatch function can be used to time downloads and calculate average transfer rates. Users can also set alarms that will sound if the bandwidth or time limits have been exceeded by a particular application, or if a desired traffic volume has been reached. The update includes a series of bug fixes and had added a series of Local Connections preference controls. [Download - 5MB]
Prospects 1.2 ($30) is a personal finance application that allows users to manage their finances with features such as account monitoring and budgeting. This version adds scheduled transactions and reminders, account reconciling, automatic learning of rules for payees and categories, interface enhancements, the ability to navigate and edit transactions using only the keyboard, transaction filtering, and also fixes numerous bugs. [Download - 5MB]
CheckUp, Giftory, PDFpen
A Better Finder Attributes 4.8 ($15) gives users access to attributes that are not regularly available from the Finder. Users can edit the files modification and creation date and time, allowing users to set pictures dates and times to those of when the picture was taken. Version 4.8 now allows the removal of file create and modification dates so that they display as "--" in the Finder. The new version also features improved preview and error handling. [Download - 1.1MB]
Rohos Logon Key
The first line of defense to keep unauthorized people from messing with your Mac is your password. Choose a simple password and it will be easy for you to type and remember, but also just as easy for someone else to guess. Choose a more complicated password and there’s a good chance you’ll forget or mistype it, and wind up locking yourself out of your own computer. Since passwords can be bothersome to use, consider using the Rohos Logon Key for the Mac.
ADmitMac for CAC
Thursby Software has released of ADmitMac for CAC (AFC) v2.0. AFC securely integrates U.S. Department of Defense Common Access Cards (CAC) with Macs. Using the Active Directory technology of Thursby Software's commercial ADmitMac product, AFC provides a solution for securing Macs without requiring a local password. AFC uses a single sign-on environment to Windows domains, verifying a CAC against a centralized network authority. It further validates that neither the card nor the privileges granted the user have been revoked. Using ADmitMac for CAC replaces the use of passwords with CAC/PIN security using Kerberos PKINIT.