Q: I saw PCWorld’s lists for the best password managers, and your top picks were for cloud-based services. Wouldn’t a locally stored password database be more secure? A: One of our top password ...

Security researchers have discovered what appears to be the largest password leak of all time, containing around 10 billion unique, plain text passwords. The file, titled "rockyou2024.txt," was posted ...

Keeping passwords on your own device seems safer than storing them in the cloud, right? A security researcher shows how you can easily hack KeePass. When the IBM PC was new, I served as the president ...

It’s been a bad few months for password managers — albeit mostly just for LastPass. But after the revelations that LastPass had suffered a major breach, attention is now turning to open-source manager ...

Hackers who compiled a database of as many as 350,000 Spotify passwords proceeded to store it on a cloud server … without a password. The breach also offers a reminder of a key principle to apply when ...

Whether you’re fed up with online password managers or just mistrust them, KeePassXC is a great way to securely self-manage your passwords. It doesn’t exactly replicate an online password manager, but ...

The breached databases contained some users' actual names, usernames, cryptographically protected passwords, email addresses, and the digital tokens that link social media accounts to Flipboard ...

APNIC said the hashed passwords were accidentally included in the category of downloadable Whois information back in June 2017, during an upgrade of the APNIC Whois database. The organization has ...

A MongoDB database was left open on the internet without a password, and by doing so, exposed the personal details and prescription information for more than 78,000 US patients. The leaky database was ...

Password management service 1Password has a neat new feature that lets users check whether a password they’re thinking of using has already been breached. At which point it will suggest they pick ...

Jeremi M Gosney (@jmgosney) is a world-renowned password cracker and security expert. He is the Founder & CEO of the password-cracking firm Sagitta HPC, and a member of the Hashcat development team.