Hey, guys! So… Yahoo! has something they want to tell you. Something they probably should’ve told you two years ago, really. Data from more than 500 million of their users was stolen in 2014.
We’ve seen some big incidents over the years, but half a billion users? That’s one for the record books. On a good note, Yahoo! is finally number one at something again, and, hey, they still had more than 500,000,000 accounts on the books as of 2014.
Given that we have had internet for decades now, but the passwords have barely evolved along with our broadband speeds. SplashData's annual list compiles the millions of stolen passwords made public throughout the year, and assembles them in order of popularity.
Google has announced the beginning of texting a new system, which allows users to login without using a password.
Instead of requiring a user to enter a password, the new system sends a push-notification on his smartphone, asking to confirm the request. To use it, you need to remember only your email address. The appearance of the feature was first reported by Reddit’s user Rohit Paul – he got an email invitation to participate in the testing of a new system. According to the screenshots published by Paul, for its work you need a smartphone with an established access password or a fingerprint scanner (for both iOS and Android)
After a simple setup, going in several stages, you begin to receive notifications with the following text: “Are you trying to enter from other computer?” If a user answers “Yes”, he will immediately gain the access to his Google account.
During the conversation with Google representatives, they confirmed the fact of testing and said that the days of such unreliable passwords like “Pizza” or “12345” are numbered. In the nearest future, the technology will be checked on a small amount of people and then it is planned to expand.
As it was noted by the company, a password itself is likely to remain, but it will be used only as a protective measure: for example, the system may need you to enter it, if it will consider the user’s behavior suspicious.
In case of loss the smartphone connected with the account (if it is protected by a numerical code or a fingerprint scanner) attackers will not be able to access user data, but in this case Google recommends to remove account access from your device.
According to the developers, a password is usually the weakest part of user’s protection, and in the same time two-factor authentication is too complicated for the majority of people. The new system aims to combine the convenience of the first method and the security of the second one.
The discussion on abandoning traditional ways of login has been going on for already several months. For example, in July 2014 the editor of Forbes published his password in the open access to prove its needlessness as a protective measure. According to him, if hackers really want to get access to someone else’s data, they won’t be stopped by any combination of letters and numbers, and it’s high time users found other ways of login.