I wrote a blog entry five years ago, explaining why using security questions for password resets was a bad idea. (Why “improved” on-line security could compromise your bank account). It's still true, and we're still getting it wrong. Last week saw an American fined about £200k and sent to prison for nine months for hacking … Continue reading It’s 2018 and we still can’t get basic things right
Why haven’t I blogged about Yahoo! already? Because it’s boring. Large company with lots of consumer personal data fails to take even barely adequate steps to protect that information. How is this news? There were two recorded data breaches every day in 2014 in the US alone, four every day (that we know about) worldwide. … Continue reading Yahoo! Yahoo! Ya…awn!