Latest news with #onlineSecurity
Forbes
27-07-2025
- Forbes
Why You Should Delete All Your Passwords In Google Chrome
It's time to make a change. There's a truism in cyber circles, that hackers don't break in, they log in. It's not new — users have been warned as such for years. But now more than ever your passwords are at high risk. And for most users, there's nothing more protecting your digital life. Your passwords are almost certainly included in multiple data breaches, especially given our habit of using the same username and password across multiple accounts. Hackers know this, and it makes their job easier as and when they target your accounts. Google, Microsoft and others are warning you to upgrade all your accounts to add passkeys. Microsoft is going even further, urging a billion users to delete passwords on their accounts. And you have just 5 days before it deletes passwords in its Authenticator smartphone app whether you like it or not. Now is the time to act on your passwords. While most people still don't use two-factor authentication (2FA), most that do still use SMS codes, even as government agencies warn that's little better than no 2FA at all. Use a top-tier authenticator app at a minimum for one 2FA, albeit passkeys are better. Meanwhile, we all need to save our passwords, to conveniently autofill them when required to access websites and apps. But if you're using your browser to store your passwords then you should make a change and stop doing that. And no browser is more widely used as a password manager than Chrome — across all platforms. Saving your passwords in Chrome is undoubtedly easy. But easy is rarely best when it comes to security. And while there may have been arguments for browser-based password management in the past, the password manager options are now so good that there's no excuse not to switch and delete the passwords stored in your browser. 'Do you use Google's Password Manager?' TechRadar asks. If so, 'you should reconsider.' While 'Google's free password manager has handy features like auto-filling passwords and alerting you about data breaches, there are significant downsides you can't ignore: It doesn't use zero-knowledge encryption, meaning Google could potentially access your passwords if they wanted to. Yikes!' The Freedom of the Press Foundation, PC Mag and even Android Police say the same. Especially now that 'Google has made it easier to move away from its password manager with a new 'Delete all data' option in the settings, allowing users to completely wipe their saved passwords before switching to a third-party password manager.' A standalone password manager should be protected by your trusted hardware security. That means Passwords on Apple or an app that uses strong passkey or app-based 2FA authentication. You also need to ensure there's zero-knowledge assurance, meaning your master password and your stored data is only ever available to you. That means a central password manager data breach can't compromise your own accounts. Clearly, if your device is compromised then your password app might be accessible as well. But it's more likely for your browser to be compromised than your device. That could be via a core browser compromise, a malicious extension or even a browser agent. There's no fire gap between your browser and your credentials. That is a risk. Per TechRadar, 'the security risks associated with web-based password management solutions cannot be overlooked. Google Password Manager is susceptible to malware attacks, including those exploiting vulnerabilities like JavaScript. This vulnerability increases the likelihood of unauthorized access to your sensitive information compared to standalone products that don't have the same exposure to web-based threats.' Google has upgraded its password repository — especially with device-level encryption. But there's still no fire gap between your public facing browser and your passwords. As TechRepublic explains, 'today's online landscape is fraught with many cyber threats, and only a dedicated password manager can offer advanced features like zero-knowledge encryption, cross-platform compatibility, travel mode, and secure password sharing and inheritance options for adequate security.' And while 'Google Password Manager can give you some basic protection and password management features, it still cannot be compared to dedicated password managers in many other areas beyond password storage and password generation.' As with VPNs, avoid all but top tier password managers from well-known, leading developers. The app should be part of your ecosystem — such as Apple's — or should be paid. Again just like VPNs free means risky. And you should ensure it ticks all the boxes — fully encrypted security, zero knowledge, authenticated access and a fire gap.
Fox News
07-07-2025
- Fox News
Stop data brokers from selling your information online
Your personal data is a highly valuable commodity. Companies often treat it like a resource to be mined and traded. In practice, this means that everything you do on the Internet, what you search, what you click, where you shop, feeds a vast industry. Many people feel they have little control over this. In fact, a Pew Research survey found that roughly six in ten Americans say it's not possible to go through daily life without having data collected about them. We may use "free" services, but we usually pay in data. As the U.S. Federal Trade Commission explains, "The things we do throughout the course of our day give businesses access to information about our habits, tastes, and activities. Some might use it to deliver targeted ads to you... Others might sell or share that information". Let's examine how your data is collected in everyday life, who is buying and selling it, what happens to it afterward, and, most importantly, what you can do to protect yourself. Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my Almost everything we do online or even offline can generate data. Here are some common sources: 1) Social media platforms: Social networks like Facebook, Instagram, or Twitter collect a wide array of data from your posts, likes, location check-ins, connections, and more. Social media companies harvest sensitive data about individuals' activities, interests, personal characteristics, and purchasing habits. In short, even casual sharing on these sites adds to a detailed profile about you. 2) Online shopping and loyalty programs: Every time you shop online or use a store loyalty card, data about your purchases is recorded. Retailers track what you buy, when, and how (with coupon or card). Even offline purchases using a rewards card feed into databases. Over time, this builds a detailed purchasing history linked to your identity. 3) Browser fingerprinting: This technique collects bits of information about your browser and device (such as which plugins you have, screen size, time zone, etc.) to create a unique "fingerprint." That fingerprint can identify you uniquely across sites, even without cookies. 4) Mobile app identifiers and SDKs: On phones, each app often reports usage data back to its developer or advertising partners. For example, iOS and Android assign a unique advertising ID to your device, and apps can read that ID and log your activity. Many apps also include third-party SDKs (software development kits) from analytics or ad companies that silently collect data on your in-app behavior and send it off for profiling. 5) Cookies and tracking pixels: A cookie is a small file your browser saves from a website. It lets the site recognize your device later. A tracking pixel (also called a web beacon) is a tiny, invisible image embedded in a webpage or email that reports back when you view it. Together, cookies and pixels allow companies to "remember" your visits, log which pages you view, and build a record of your browsing even after you leave a site. Data brokers are companies whose entire business is buying, aggregating, and reselling personal information. They collect data about you from many places and bundle it into profiles. This industry is massive (estimated at around $200 billion per year) with thousands of firms globally. Big-name brokers include companies like Experian, Acxiom, Epsilon, and many lesser-known "people search" sites. Using sources like public records, social media, data breaches, and data brokers assemble extensive dossiers on individuals. They collect ordinary details such as names, addresses, dates of birth, phone numbers, email addresses, as well as sensitive traits: gender, marital status, education level, occupation, income range, hobbies, and interests. Brokers may even buy data about your health (like what drugs you purchase) or political views gathered from public voter records or social media activity. After building these profiles, brokers sell or license them to anyone who will pay. Typical customers include Marketers and Advertisers, Insurers and Lenders, People Search and Data Services, Employers and Background Checkers, and more. Once your data is in the hands of others, it's used to profile and segment people in ways that can affect what we see and the opportunities we receive. Profiling simply means grouping people by common traits or habits, such as "young urban pet owners" or "people likely to buy a new car this year." These profiles are then used to serve you targeted ads and offers. Targeted advertising can feel creepy or manipulative. For example, you might notice ads for products you only briefly mentioned in a private message or web search, because your data was shared with dozens of advertisers behind the scenes. Every time you load a page with ads, your data profile is broadcast to companies through automated ad auctions, and they bid to show you ads. Beyond advertising, there can be more serious consequences such as identity theft and stalking. Broader profiles mean more tempting targets for criminals. People-search websites, which get data from brokers, can show your address, phone number, family members' names, and even your Social Security number. This information can be used to steal your identity or harass you. There are many ways to take control of your personal data, several of which are listed in the section below, but the most effective is to consider a data removal service. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. A personal data removal service can help you remove all this personal information from the internet. It has a very clean interface and will scan 195 websites for your information and remove it and keep it removed. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Get a free scan to find out if your personal information is already out on the web: You can take steps to reclaim some control over your data, and you don't have to be a tech expert to do it. Here are some practical tips and resources: 1) Review privacy settings: Take a few minutes to explore the privacy and security settings on the services you use. For example, limit who can see your social media posts, disable unnecessary location-sharing on your phone, and consider turning off ad personalization on accounts like Google and Facebook. Most browsers let you block third-party cookies or clear tracking data. The FTC suggests comparing the privacy notices of different sites and apps and choosing ones that let you opt out of sharing when possible. 2) Use privacy-friendly tools: Install browser extensions or plugins that block ads and trackers. You might switch to a more private search engine (like DuckDuckGo or Brave) that doesn't log your queries. Consider using a browser's "incognito" or private mode when you don't want your history saved. Even small habits, like logging out of accounts when not in use or using a password manager, make you less trackable. 3) Be cautious with personal data: Think twice before sharing extra details. Don't fill out online surveys or quizzes that ask for personal or financial information unless you trust the source. Create separate email addresses for sign-ups (so marketing emails don't go to your main inbox). Only download apps from official stores, and check app permissions. 4) Opt out of data broker lists: Many data brokers offer ways to opt out or delete your information, though it can be a tedious process. For example, there are sites like Privacy Rights Clearinghouse or the Whitepages opt-out page that list popular brokers and their opt-out procedures. The FTC's consumer guide "Your Guide to Protecting Your Privacy Online" includes tips on opting out of targeted ads and removing yourself from people-search databases. (Keep in mind you may have to repeat this every few months.) You may not be able to completely escape the data economy, but you can limit its impact on your life. By using privacy tools, being mindful of what you share, and demanding transparency, you make it harder for companies to treat your personal information as a free-for-all. Each small step, whether it's tweaking settings, clicking "opt out," or simply pausing before hitting "submit" on a form, helps you regain control. Ultimately, pushing for accountability from businesses and lawmakers is also part of the solution. After all, privacy is a fundamental right that deserves strong safeguards for everyone. How comfortable are you knowing that your personal data might be used to target ads? Let us know by writing us at Sign up for my FREE CyberGuy ReportGet my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you'll get instant access to my Ultimate Scam Survival Guide - free when you join my Copyright 2025 All rights reserved.
Yahoo
05-07-2025
- Yahoo
Why passkeys are the next frontier in digital security
When you buy through links on our articles, Future and its syndication partners may earn a commission. The traditional password that generations of computer users have come to love and hate may soon be replaced by something called a "passkey." You've likely even been prompted to create one already. While many people may not know just how easy it is to start experimenting with this new creation, there are still hurdles that must be cleared before adoption becomes widespread. Since most individuals have made at least one of several password security errors — like using the same phrase across multiple sites — there has been a rise of hacking, identity theft, scams and major data breaches. The problem is so pervasive that passwords themselves might be on the outs as a viable pillar of online security. "Passkeys" are one prominent alternative gaining popularity as a way to make our online information systems more secure. Passkeys are "generated codes" that are "stored on your device or in your password manager" and allow you to "log in to websites and apps using your fingerprint, face recognition or a PIN," said Wired. Their creators claim that they are unhackable, and they are "widely considered to be more secure" than your existing password system. When you make a passkey, you are creating a "pair of cryptography keys generated by your device" that communicate with one another via a "biometric identification tool, such as FaceID or TouchID, to authenticate your identity," said PC Mag. When did computer passwords become a thing? 5 password habits that put you at risk Data breaches increased in 2023 and with them, internet security concerns The good news is that "passkeys are very simple to use," said Dashlane, and you can create them for many accounts, including Google, Amazon, Apple and more "in just a few quick steps." After creating one, "you just approve login attempts with a PIN or biometrics," said PCWorld. For example, to create a passkey on Google you just log in to your account, open the passkeys manager, enter your password and create a passkey. They are the "way of the future for Google account verification" and doing so is "simple to do and highly secure," said ZDNET. All you need is a "mobile device or a laptop/desktop with biometrics (such as a fingerprint scanner)." And if you're already using a password management system like Bitwarden or 1Password, they can also store your passkeys. Passkeys are a "password-killing tech," said Wired, and improvements to the underlying technology are "pushing passkeys toward a tipping point." Still, one problem is that there are "definitely things that unnecessarily confuse and complicate the use of passkeys, " said Ars Technica, including the reality that "syncing across different platforms is much harder than it should be." That is a potentially devastating problem because less tech-savvy users are likely to give up on the new technology if they encounter any significant obstacles. Critics also note that "passkey implementations to date lock users into the platform they created the credential on." But developers are hard at work trying out ideas to make the process of moving to passkeys more seamless for most users. Perhaps the most important development underway is a Credential Exchange Protocol that will "make passkeys portable between digital ecosystems" and avoid "user lock-in" to any individual password management service, said Wired. Adoption of this new technology is still slow. Even though three-quarters of respondents in the U.S., U.K., China, Japan and South Korea have heard the term, fewer than a third have actually created one. Moving to passkeys also "assumes that the user has exclusive, private access to an account or device," which may not be realistic in households where family members share both, said the National Cyber Security Centre. Because of these limitations, "it's too soon to switch away from using passwords for all your online security," said Consumer Reports, which recommends trying passkeys for some accounts while the technology continues to mature.
Gizmodo
02-07-2025
- Business
- Gizmodo
The Most Recommended VPN Is Giving Away Amazon Gift Cards (Limited Time)
Good deeds pay back, and you'll agree when you hear about NordVPN's fresh sale. If you do something good for yourself, like ensuring your online security, NordVPN will pay you back with an Amazon Gift Card (up to $50). However, the deal has been live for quite a while, so its duration is limited. Moreover, NordVPN doesn't include the gift in all plans. Stay with us and we'll explain which plans to opt for to squeeze out the promotion. Save Big on NordVPN Today NordVPN has struck gold with recent discounts. As always, the highlight is the set of two-year plans, but this time, not the entire roster. While the Basic plan at $3.39 monthly is unbelievably cheap, it's not part of this grandeur promotion. The rest of them are, including: The names of these plans depend on your location; these are for the US market. Nevertheless, choosing one of the three biennial plans grants you a 70-76% discount and $30, $40, or $50 Amazon Gift Cards. It's worth noting that NordVPN issues gift cards right after the 30th day, so it's vital not to quit NordVPN beforehand. Another condition is that you're in the UK, the USA, Australia, or Canada, as gift cards only work there. That's pretty much it! NordVPN keeps things simple and hates complicating, much like the rest of us. So, click the blue button and save more than 70% on NordVPN and your next Amazon purchase; kill two birds with one stone! NordVPN explicitly states that the gift card is issued after 30 days. Considering NordVPN's 30-day money-back guarantee, the provider is always fully refundable within this period. However, you cannot cancel NordVPN and enjoy a gift card, as it's issued after the first 30 days. If you're unsure you'll like it, there's a way to get a NordVPN free trial. You must sign up via Android, and NordVPN will let you use it for 7 days for free. If you like it, you can claim the exclusive discount here, wait for 30 days, and get your Amazon freebie. For those 'uninitiated', NordVPN is known as the world's best VPN. It offers an extensive server list, high-end security features, fast protocols, and a no-log policy. Its streaming and torrenting prowess make it great for online entertainment. It's actually the go-to VPN for torrenting. Simultaneously, it supports all devices and systems. Users praise its ease of use and ten simultaneous connections. However, it's also worth noting that NordVPN is used by gamers and those who often use the dark web. The company has been around since 2012. With over a decade on the market, it amassed millions of active subscribers. So far, its reputation has remained untarnished, and there's little doubt things will change. Is the promotion worth a shot, though? It's up to you to decide. Just don't wait for it to run dry. Try NordVPN risk-free today
Yahoo
27-06-2025
- Business
- Yahoo
Protect All of Your Devices With a Discounted, No-Subscription VPN
The following content is brought to you by PCMag partners. If you buy a product featured here, we may earn an affiliate commission or other compensation. Online security tools have come a long way, but many still rely on centralized VPNs that can introduce their own risks. The Deeper Connect Mini takes a different approach, offering decentralized VPN (DPN) technology combined with enterprise-grade firewall protection in one compact piece of hardware. Normally $229, the Deeper Connect Mini is now only $179.99. Instead of routing data through third-party servers, the Deeper Connect Mini uses peer-to-peer connections to maintain privacy while minimizing latency and bandwidth throttling. It gives users direct control over their encrypted data streams and allows for unrestricted content access without sacrificing speed or stability. The built-in 7-layer firewall filters traffic at multiple levels, blocking malware, phishing attempts, and other threats before they reach connected devices. Smart routing capabilities optimize traffic paths automatically, while multi-routing allows simultaneous access to multiple regions. Integrated ad blocking removes ads across all browsers, including YouTube, improving load times and reducing data usage. For households with children, one-click parental controls make it easy to restrict access to unsafe content. The device also offers blockchain-based bandwidth sharing, allowing users to contribute idle network resources to Deeper's decentralized ecosystem in exchange for passive income. Unlike most VPNs, the Deeper Connect Mini works with no subscription fees, so you get a lifetime of protection for a one-time cost. Until July 1 at 11:59 p.m. PT, a Deeper Connect Mini Decentralized VPN is only $179.99 (reg. $229). Prices subject to change. PCMag editors select and review products independently. If you buy through StackSocial affiliate links, we may earn commissions, which help support our testing.
