Tag

Passwords

All articles tagged with #passwords

iOS 27 Rolls Out AI-Driven Features Android Has Yet to Match
technology12 days ago

iOS 27 Rolls Out AI-Driven Features Android Has Yet to Match

iOS 27 introduces AI-powered photo editing (Spatial Reframing and 3D Spatial Scene) with on-device AI and Private Cloud Compute, a Safari Notify Me feature for web-page changes across devices, natural-language Shortcuts automation, a camera-based bill-splitting tool tied to Apple Cash, and an automatic password-change tool in Passwords—marking a more AI-centric iPhone experience that Google/Android are likely to emulate, though some features remain iPhone-only or US-focused.

Phone passkeys: safer than passwords—but what about loss or theft?
life-and-style1 month ago

Phone passkeys: safer than passwords—but what about loss or theft?

A Guardian reader questions whether passkeys (which can be a PIN or biometrics on a smartphone) are truly safer than traditional passwords, given risks of phone theft or loss. While passkeys align with phishing resistance and stay device-bound, questions remain about real-world scenarios when a phone is compromised. The piece notes that the UK National Cyber Security Centre and others promote passkeys and invites readers to share experiences to better understand their practicality.

Edge halts in-memory loading of saved passwords at startup
technology1 month ago

Edge halts in-memory loading of saved passwords at startup

Microsoft Edge will stop loading saved passwords into process memory at startup after a researcher demonstrated that credentials stored in Edge’s built-in password manager could be decrypted on launch and dumped from Edge processes. Microsoft initially claimed this behavior was by design but now says a defense‑in‑depth fix will be applied across all Edge channels (including Canary); the change is already live in Edge Canary and will roll out to all supported builds (build 148+). The PoC showed that attackers with admin rights could access passwords from Edge processes, though the threat model did not always cover such cases, and the update aims to reduce in‑memory exposure and strengthen Edge security overall.

security2 months ago

Edge Buries Saved Passwords in RAM in Plaintext, Study Finds

Security researcher finds that Microsoft Edge loads all saved passwords into memory in cleartext on startup and keeps them in memory for the entire session, making them easier to harvest by memory reading; Microsoft says the behavior is by design, and exploit would require admin access; experts urge against storing passwords in browsers and recommend MFA or passkeys.

Edge Starts Up With All Passwords Exposed in RAM, Security Researchers Warn
cyber-security2 months ago

Edge Starts Up With All Passwords Exposed in RAM, Security Researchers Warn

A security researcher disclosed that Microsoft Edge decrypts and loads every saved password into plaintext within the browser’s process memory at startup, unlike Chrome which decrypts on demand and uses App-Bound Encryption. This creates a wide attack surface in shared or multi-user environments since credentials are present in memory for the entire session, even though Edge still prompts for re-authentication to view passwords. Microsoft says the behavior is by design, leaving security teams to consider disabling or mitigating this risk until Edge adopts on-demand decryption and stronger protections.

Microsoft Ends Passwords This Week: What You Need to Do
technology11 months ago

Microsoft Ends Passwords This Week: What You Need to Do

Microsoft is discontinuing the use of passwords in its Authenticator app starting August 1, shifting users to passkeys, a safer authentication method using biometrics or PINs. Users should prepare by setting up passkeys and choosing a new password manager, with recommendations including Bitwarden and 1Password, to enhance account security and transition smoothly from traditional passwords.