Welcome to The Dashlane Tech Check for February 24, 2017! I’ll help you catch up on all Dashlane -related news and the big news in the tech industry. And just for fun, I’ll include a useful lifehack that will keep you safe and secure all year long.
What in the (Security) World?
Here’s what made headlines this week in the world of digital identity, security, and privacy:
Report: CloudFlare Leaked Sensitive Data Across the Internet For Months
CloudFlare, a popular content delivery network used by more than 5.5 million websites, said on Thursday that it accidentally leaked customers’ sensitive information for months. According to Google Security Researcher, Tavis Ormandy , “private messages from major dating sites, full messages from a well-known chat service, frames from adult video sites, hotel bookings” were exposed by memory leakage issue, known technically as a buffer overrun. Read more.
After further investigation from our Security Team, we’ve confirmed that Dashlane’s password manager is not affected by this data leak since we are not a client of CloudFlare. In cases of data leaks or hacks, you can rest assured that Dashlane will notify users of compromised accounts via in-app Security Alerts . We also encourage our users to use strong, unique passwords on each and every one of their accounts to prevent a hacker from access multiple accounts when one is compromised.
Although no plain-text passwords were compromised in this leak, Dashlane’s Security Teamand other security researchers in the industry say the most effective thing you can do is to update your passwords to prevent potential account compromise and to further protect your data from other security issues. Use Dashlane’s Security Dashboard to help you analyze and improve the strength of your passwords, and use our Password Generator and Password Changer tools to help you create stronger passwords for all of your accounts.
Are we in a world beyond passwords? A CBS News poll investigates.A recent CBS News poll found that roughly one in four people has to reset a computer password at least once a month. Former chief technology officer at the Federal Trade Commission, Lorrie Cranor, said “We have so many rules about how they have to be complicated, and hard to guess. And then we’re supposed to have a different one for every account we have, and we’re not supposed to write them down. And that’s just really difficult for people to deal with.” Read more .
Legislation to stop U.S. border agents from demanding passwords and logins is on the wayEmbed from Getty Images
According to TechCrunch , Oregon Senator Ron Wyden wrote a letter to Homeland Security Secretary John Kelly and called for accountability around reports that U.S. Customs and Border agents are obtaining the passwords to locked devices that belong to detainees at the border. Invoking the Fourth Amendment, Wyden dismissed such practices as extralegal, lacking probable cause and a warrant required for such searches. Read more .
78 percent of IT Professionals have fallen victim to a phishing email, says survey.A recent Centrify survey of IT professionals attending the RSA Conference found that 26 percent of respondents share passwords, and 78 percent have fallen victim to a phishing email. The survey also found that just 55 percent of respondents believe their company’s current technology investment is sufficient to ensure security. Read more.
Breach Alerts
Yahoo Warns More Users That Their Private Information May Have Been Stolen
Following two major data breaches last year, Yahoo is warning some of its users that their accounts might have been breached by intruders using forged cookies, allowing them to access private information without knowing users’ passwords. Read more.
Data breach at LinkedIn’s Lynda.com affects 55,000 accountsLinkedIn’ s training site Lynda.com is notifying users of a database breach that includes the passwords of just under 55,000 accounts. All those passwords were “cryptographically salted and hashed” to prevent access the site says, but it’s resetting the logins just in case. Read more .
Dashlane News You Shouldn’t Snooze Dashlane’s CEO offers expert advice on keeping users and their employers safe after the Yahoo data breaches
The East Bay Times discusses the Yahoo hack and recommends using a password manager, like Dashlane to keep users and their employers secure. They interviewed Dashlane CEO Emmanuel Schalit and other cybersecurity experts, who strongly recommend that people use a different password for every online account so that if one is hacked, as in the Yahoo breaches, it can’t be used to get into other accounts.