Sticky Password Blog

RSS Feed


Why You Should Care About the Bitglass “Where’s Your Data?” Experiment

Calling it the “world’s first A/B test for stolen credit card numbers on the Dark Web,” the folks at Bitglass have published the results of their ‘Where’s your data?’ experiment. The Bitglass research team prepared real-looking personal ID info that they then posted on the dark web*. The fake personal data was bait (think tasty […]

John Oliver and Edward Snowden Tackle Passwords

From the April 4th episode of Last Week Tonight with John Oliver. After Snowden tells Oliver an easy and effective way of making a good password: John Oliver: “Now, you’re right. I get it. I get how important it is. I fully understand that. The problem is, I’m not gonna do it, because… it seems […]

Twitch is Hacked: Sends Mixed Messages About New Passwords

Twitch, the live video community for gamers, announced yesterday that ‘there may have been unauthorized access to some Twitch user account information.’ They had been hacked. That’s never good, and because the hackers may have had access to usernames and passwords, Twitch took the very sensible step of cancelling passwords and is forcing their users […]

Yahoo’s On-demand Passwords – Safe or Just Simple?

Yahoo’s on-demand passwords are simple, but are they safe? Yahoo just announced what they call ‘a new, simple way to log in’. With the new opt-in login process, Yahoo will send you an SMS text to your phone with a temporary password that you can use to log in to your account. Yahoo is shifting […]

The Π of passwords

It’s Pi Day (3/14). And this year is even more special because it’s 2015, so we get Pi out to 4 digits 3/14/15. But wait – it gets even better. At 9:26:53 today, you’ll be able to celebrate Pi to the ninth decimal point: 3.141592653. That’s very coooooooool – even if you’re not into geeky […]

FREAK Attack Security Flaw – What You Need to Know

Security experts have identified a new web encryption vulnerability that has been dubbed the ‘FREAK attack’. FREAK attack ‘allows an attacker to intercept HTTPS connections between vulnerable clients and servers and force them to use weakened encryption, which the attacker can break to steal or manipulate sensitive data.’ The sensitive data could, for example, involve […]

NPR: You Might Want to Take Another Pass at Your Passwords

NPR brings attention to passwords in a recent segment of Morning Edition (text and audio). They do a nice job pointing out how haphazardly – i.e. poorly – many people approach passwords and password security by, for example: – using really bad passwords like ‘password’ or ‘123457’ (The tricky part (not!) is supposed to be […]

The Magic of Keepsake Passwords

What’s the magic word? “Please!” At least, that’s what all the grownups tell you when you’re growing up. “Open Sesame” worked very well for Ali Baba when he needed to open the door to the hidden cave where he and his 40 thieves would secrete themselves and their contraband. First appearing in tales in the […]

Size Does Matter… Password Edition

If you spend any time reading articles and blogs about security, then it’s likely that you’ve come across a lot of advice on how to create and remember incredible passwords. Most articles on the topic give pretty good advice… for creating one amazing password. (Advice that would have helped me a lot in 8th grade […]

Internet Growth and You

Do you look at online security the same way you did 10 years ago – or even 2 years ago? Remember when you were little and your parents would put a book on your head as you stood in the door frame of the kitchen (stretching your neck as much as you could) to mark […]