Why Big Tech Wants You To Ditch Your Password

4 роки тому

The average office worker in the United States must keep track of between 20 to 40 different username and password combinations. With so many passwords to remember, many of us use the same ones over and over, or have a running list of passwords saved somewhere. Passwords are a very serious and expensive security risk. It’s why companies like Microsoft , Apple and Google are trying to reduce our dependence on them. But the question is, can these companies break our bad habits?
Update (January 21, 2020): A website mentioned in this video, WeLeakInfo, was shut down by the Federal Bureau of Investigation and other law enforcement agencies on Friday, Jan. 17, 2020. The site claimed to have more than 12 billion usernames and passwords from more than 10,000 data breaches.
Passwords are a very serious and expensive security risk. A report by Verizon looked at 2,013 confirmed data breaches and found that 29% of those breaches involved the use of stolen credentials.
Another study by the Ponemon Institute and IBM Security found that the average cost of a single data breach in the U.S. was more than $8 million. Even when passwords are not stolen, companies can lose a lot of money trying to reset them.
“Our research has shown that the average fully loaded cost of a help desk call to reset a password is anywhere between $40 or $50 per call,” says Merritt Maxim, vice president and research director at Forrester.
“Generally speaking, a typical employee contacts a help desk somewhere between 6 and 10 times a year on password related issues,” Maxim said. “So if you just do the simple multiplication of six to 10 times, times 50 dollars per call, times number of employees, in your organization, you’re talking significantly hundreds of thousands of dollars or even potentially millions of dollars a year.”
» Subscribe to CNBC: cnb.cx/SubscribeCNBC
» Subscribe to CNBC TV: cnb.cx/SubscribeCNBCtelevision
» Subscribe to CNBC Classic: cnb.cx/SubscribeCNBCclassic
About CNBC: From 'Wall Street' to 'Main Street' to award winning original documentaries and Reality TV series, CNBC has you covered. Experience special sneak peeks of your favorite shows, exclusive video and more.
Connect with CNBC News Online
Get the latest news: www.cnbc.com/
Follow CNBC on LinkedIn: cnb.cx/LinkedInCNBC
Follow CNBC News on Facebook: cnb.cx/LikeCNBC
Follow CNBC News on Twitter: cnb.cx/FollowCNBC
Follow CNBC News on Instagram: cnb.cx/InstagramCNBC
#CNBC
Why Big Tech Wants You To Ditch Your Password

КОМЕНТАРІ: 3 300

@nathancosta36 4 роки тому

Passwords aren't sufficiently secure & it costs companies millions to recover. Saved you guys 17 minutes.

@peacheskong2245 4 роки тому

Thanks. I don't agree with it though...It's just because they want us to use our heads as chips in the end so whatever they say is for that final goal

@user-st5ir8mg3q 4 роки тому

Hero

@davidolmedo4634 4 роки тому

Thx, can watch something else now :D

@carlosalba7790 4 роки тому

Thank you, I was like really 16 min to explain that? 🙄

@junipearrrrr 4 роки тому

Thanks bro

@leonidas14775 3 роки тому

Windows hello at work: "Your face will expire in 3 days. Your new face must contain a special character"

@hneebrn 3 роки тому

😂

@kenwu7 3 роки тому

Underrated Comment

@iramsavir5631 3 роки тому

😂🤣🤣😁 Time to grow a beard!

@ChrisCa1601 3 роки тому

LOL

@cmichaels9544 3 роки тому

More like: your new face cannot be the same as the old one

@starwars1744 3 роки тому

I love how a lot of companies force you to reset your password every 6-8 months; depending of the company. And everyone is complaining that changing passwords is expensive. You’re literally forcing us to change them.

@mwbgaming28 3 роки тому

Companies: get rid of passwords, they are not secure Also companies: password required after phone is restarted

@navtejsingh9248 3 роки тому

i don’t get why we need to enter a password after restarting a device.

@Kaiyats 3 роки тому

@@navtejsingh9248 I’ll assume it’s because the phone is encrypted when it’s turned back on and the password unlocks everything

@Milesco 3 роки тому

@@navtejsingh9248 : Hell, I have to enter my password every time the display times out and goes dark.

@Milesco 3 роки тому

@@fkkyourlife : Yeah, I know, but I leave it that way for security reasons.

@gunnarallgottsmann 3 роки тому

@@Milesco You can fix this in settings, when your display goes dark, you only need to push power button and put your finger on the finger print sensor button without pushing it. Or you can push the home button and leave your finger on the sensor till it opens up your device. Stay safe, healty, strong, happy and be blessed ✌️🍀❣️

@julienl9821 4 роки тому

A user is at fault for a weak password. Companies are at fault for: - public facing databases with no / default passwords, - not securing user passwords (hash + salt, etc...) - forcing dumb and insecure security schemes (security questions, what's your first pet, etc...) - disclosure of personal information via insecure API's and such, - not disclosing being hacked in a timely manner - sharing user personal details with and without consent, The list goes on.

@cosmicentity9899 4 роки тому

😗😘😍👏👏👏👏👏👏.Password should not be killed off its the companies should have tightened security and transparency or use fake identities via TOR.

@yfs9035 4 роки тому

@@cosmicentity9899 TOR? What kind of crack are you smoking I want some

@yfs9035 4 роки тому

Most of this list is redundant

@sanneberg1728 4 роки тому

This video doesn't seem to realize that Bio-metrics are basically a password that you can't ever change. If the really on that than once someone gets it you are done for.

@yfs9035 4 роки тому

@@sanneberg1728 Multiple types of biometrics, and I'm pretty sure Michael from the office changed his foot biometrics with the waffle maker incident

@TorreFernand 4 роки тому

Tech companies: Don't use passwords, use fingerprints which can identify you even if you're unconscious Hong Kong Police: Excellent!

@john_gyver 4 роки тому

Exactly, someone may unlock my phone with my finger while I'm sleeping. Face ID is also bad, because I'd need to keep my camera uncovered to make it work - most of us know it's a bad idea, especially at home. Some kind of USB dongle (or any other physical object) has a similar problem like fingerprint scan - can be used when I'm sleeping. I use strong - complex passwords for my electronics and I'll continue using them.

@dizzywow 4 роки тому

@@john_gyver The cops don't need to wait for you to sleep. They can force your finger onto the sensor. Not a good thing.

@dizzywow 4 роки тому

@@asdfasdf-vy4pj Yeah, it's Brave New World.

@FLPhotoCatcher 4 роки тому

Yup. There is a certain ancient prophecy that foretells that a world gov will force ALL to get a secure "mark', otherwise they cannot buy or sell. I think this prophecy is a warning, but I think big govs will, unfortunately ignore the warning.

@elleryjackson2940 4 роки тому

@@dizzywow That's exactly what i was thinking. Law enforcement has got to love this future!!

@NadChel1 3 роки тому

I read an article in Russian that recommended disabling all face and fingerprint recognition on your devices and instead use a password. The reason for that was the fact that a policeman can unlock your device without your permission and see your contacts, communication, etc., for example after arresting you during a peaceful protest

@nettiespitfire8919 2 роки тому

You are so right. If someone is robbing you you are screwed. Also, will a phone, PC, iPhone send you BIO data to Microsoft, google or apple to be stored, misused without your consent? I am sure a 3D printer in the near future will be able to print a copy of someones head from a picture to use it to unlock a device. Just look ar the software that can animate a person just from an old photo.

@RellyOhBoy 3 роки тому

Twice so far I've caught my wife trying to use my finger print to unlock my phone while im asleep. Little does she know, I used my big toe. ;)

@helenboula3538 3 роки тому

OMG wow you're a hound dog you must be

@becarly6108 3 роки тому

😂😂😂 your too funny.. i died when i stumbled across your comment!

@midnightrambler8866 2 роки тому

lMAO!

@carolynworthington8996 2 роки тому

Ha ha ha!

@HBgv5830 2 роки тому

This is a real good one... is it a jock???

@anidynamic 4 роки тому

Jan 21 - There's a site called weleakinfo.com Jan 22 - U.S Department of Justice - Say no more

@Four-S 4 роки тому

Lmao the people who are fans of the site are probably trying to hack vox now

@SL-pg4dh 4 роки тому

“I’m about to end this man’s whole career.”

@PatThePerson 4 роки тому

It would be cool if they worked out a deal to show the passwords to an email, but hide them so at least you'll know if they have your password or other info and can react accordingly, because if they had it, chances are someone else does.

@c182SkylaneRG 4 роки тому

@@PatThePerson Have I Been Pwned just gives you a "yes" or "no" response to data you enter, so you can try all of your email addresses and passwords and get an up or down response to whether they've been compromised without someone else being able to enter your email address and see all your hacked passwords (which you might still be using).

@TheBattery124 4 роки тому

I can't believe it took a video to let the DOJ finally do something. Lol

@opportunityinvestinganalys6986 4 роки тому

As a former developer, that line "keep 20-40 passwords" just hit me in the soul lol. I have a whole folder, filled with passwords and usernames jotted down on paper. Whenever I had to clear my cache, I cried a little.

@cookingwithlynjasbiggestfan Рік тому

Idc.

@zeromusreal Рік тому

@@cookingwithlynjasbiggestfan ooh so salty, did your mom deny you McDonalds?

@themanwhoknewtoomuch6667 Рік тому

1. Photograph all the pages of the folder mentally. 2. Burn the folder. There buddy. Saved you from having your life stolen! :)

@vandread3555 5 місяців тому

Fking Christ dude, just use a password manager like KeePass. What the hell

@donovalmail2222 3 роки тому

This seems like legit big brother. The NSA can't crack our complex 20 digit passwords, so they are going to force us to use face-id and then they can just hold the phone in front of us... and boom handcuffs for having the wrong opinion. Yes, I know I am paranoid. Honestly, just don't want my wife to get in my phone while I sleep.

@EminiMagic 2 роки тому

CORRECT. This is herding the sheeple into the slave world. The power hungry oligarchies wet dream. Supreme court ruled Cops cannot force you to use your password, however they own your biometric data and can force you to use it.

@T-Dog_nation 2 роки тому

Real talk. Also what if someone just holds up a picture of you. Can the device tell the difference between a picture of somebody and the real face?.

@MaryamMaqdisi Рік тому

@@T-Dog_nation imagine if someone 3d prints your face

@hendrx 5 місяців тому

facts

@vdjdhxvdbx9333 3 роки тому

This is literally just a push from big tech to get a hold of even more of your personal data

@Noblyuntruthful 3 роки тому

Of course. Make an argument against how 'inconvenient' passwords are, and how you need 'help', then implement an argument for how convenient and secure fingerprinting is and voila, you have the masses convinced to give their true biological identity everytime they use the net. Oh, you complained about joe biden? Your fingerprint is linked to this comment, perhaps we will freeze your bank account for wrong think.

@Pernection 3 роки тому

Very hegellian.

@narnia1233 3 роки тому

It’s not needed either. There’s systems used by hospitals for example that the company you log into creates a password for you before you log in that expires in a minute. I refuse to give my bio data either. It’s not needed. The current way of having two authentication steps is good enough. We all know now not to trust big tech. That are literally banning people from their service based on politics. They have no need to have our fingerprints, etc.

@RichardHernandez-pz7bt 3 роки тому

@@Noblyuntruthful sir.... I 100% agree. Privacy is important and I am a computer science major. I wouldn't trust any company with my finger print and any face recognition network. I will never let the government have that much power over us.

@ulfpe 3 роки тому

Yes, this is exactly what it's about. The biggest risk is to join your accounts by using for ex Google or even (horror) Facebook. Do not use biometrics on things like phones. The secret must be in your head. Dont use the same user I'd, dont join the accounts. Clear webbrowser after every use, use reasonable vpn.

@rizwana1481 4 роки тому

This doesn't allow users to share prime and Netflix passwords

@spottedtime 4 роки тому

abdul reeyas don’t forget if two or more people shares the same device, due to the cost of buying more devices. Like a family shared desktop computer or laptop because the family could only afford one desktop computer or laptop.

@emerickpilvard8470 4 роки тому

You don't have to, business is business : )

@x0Kamix0x 4 роки тому

Companies should be supporting the delegating of access to user accounts as required. If I want to give my child access, then I should have the flexibility of giving them full access or limited access to view/purchase content.

@HarshitMishra89 4 роки тому

There can be many ways to allow others to login into your Prime or Netflix account..

@amyx231 4 роки тому

Harshit Mishra can I borrow yours then?

@Zedexization 4 роки тому

Blames user for using passwords. Never blame themselves for having a weak security system and infrastructure. Pretty crappy way of avoiding lawsuits.

@JustCrayZ 3 роки тому

Part of protecting data against hackers is making the data itself more complicated to replicate.

@gamechannel1271 3 роки тому

@@JustCrayZ which is accomplished by hashing algorithms and salting. Not by using stronger passwords...

@WeLLeSaMa 3 роки тому

@@JustCrayZ what game channel said!

@hexaltheninjawow9531 3 роки тому

One of the most used passwords (for phones) is the person birthday lmao

@hexaltheninjawow9531 3 роки тому

Plus ”Password” and ”Querty”

@johng.1703 3 роки тому

you can't get a court order for a persons password, but you can use their face / fingerprint to unlock secured items like phones etc.

@zachw566 3 роки тому

Nothing to hide nothing to fear

@johng.1703 3 роки тому

@@zachw566 if that was the case, why does the government have secrets?

@zachw566 3 роки тому

National Security. The safety of its military interests and citizens. It’s economic prosperity, etc

@RingwelskiJacek 3 роки тому

@@zachw566 if you think you are not guilty of breaking the law you are asleep. If law enforcement wants to arrest you they will find something on you. There are over 300,000 federal crimes on the federal law books. That doesn't even count state, county, city, municipality laws.

@aleksandersuur9475 3 роки тому

Yes, yes you can get a court order to pony up passwords, plenty of people have gone to jail for failing to give up their passwords. If justice system decides to screw you over, you are going to get screwed over and no kind of IT security is going to stop that. Having functional IT security and having functional and fair justice system are two different and unrelated issues, you can't fix one with the other and there is no good reason to make policy of one based on policy of the other.

@TheUnitedNations. 3 роки тому

9:22 I'm glad that the director of the FIDO alliance is telling us that FIDO protects our privacy. Definitely a completely unbiased opinion from his side.

@eduardm1301 4 роки тому

0:42 - The Problem with Password 4:47 - How Did We Get There 6:11 - Types of Authentication 8:02 - The FIDO Alliance 9:41 - A Passwordless Future 14:49 - Challenges

@angamiaccent 4 роки тому

Heres your medal 🎖

@mrhebrew599 4 роки тому

I love ppl like u

@veightrwd8828 4 роки тому

You forgot 13:10, apple trying to sell more Apple watches. Lol what a joke.

@lreeher 4 роки тому

They want your bio-metrics; fingerprints, retinal scans, facial impressions etcetera for the coming Social Credit System. You will be "allowed" or "denied" service and conveniences based on what the government and big tech decide is good for them or you. You won't get to decide. Just like UKposts banning and ghosting accounts that don't support their agendas. Want to fly to the UK? Denied. Why? Who knows? The algorithm decided and there is no appealing these decisions. Want get an Uber to the next town? You don't qualify. Want to spend your money? Not today, you should be saving more. Want to get that burger? Not until next week. We know what's best for you. The social crediting system is already being implemented in China and testing in "smart cities" in Australia and Canada. None of this is for your benefit or to stop the terrorists or to save the planet. It is a means of total control. Totalitarianism.

@SupriyoPanda 4 роки тому

Thank you, good sir!

@durbinramsey6654 4 роки тому

Imagine a future where anonimity is impossible.

@powerplayer75 4 роки тому

@Gary Basra considering it would give a lot of power to authoritarian govts its not exactly a fair tradeoff

@Cryo837 4 роки тому

Government collection of bio-metrics. And CNBC pushing their agenda by dissing passwords. Next....

@nihjoo7917 4 роки тому

cryptography.... its a part of nature.... anonymity* btw and its always possible

@hotrodjones74 4 роки тому

That's their goal. It'll be hard to achieve...

@Eusantdac 4 роки тому

I would rather not lol

@Lyf4rMusic 4 роки тому

The ultimate advantage of passwords are: *You can't steal it from the person's mind* !! Finger print: you can unlock someone's phone when they're sleeping by simply placing the owner's finger. Face ID: Similar to above

@walden6272 3 роки тому

So a hacker will sneak into someone house and slip into their bedroom and unlock their phone while the person sleeps? Impressive ninja skills. Or would a hacker cracks your password remotely be more feasible. I wonder which one would the hackers prefer.

@prithvirajb1953 3 роки тому

Face ID can actually detect if the person is sleeping

@fredbear1446 3 роки тому

@@prithvirajb1953 you dont need the face you only need the meta data saved for the face stored, you use the data hacked from the phone or fingerprint data to hack anything

@NahshonWebb 3 роки тому

🤫😅

@aa-hj2fd 3 роки тому

Not to mention that our Supreme Court ruled that law enforcement could just force anyone to use their biometrics to open their phones, but could not force one to give up their password to open it.

@MissMarinaCapri 3 роки тому

Individuals protect their passwords. I know I do! Corporations don’t seem to be able to protect our passwords. They get hacked all the time. So they don’t want passwords because they can’t protect our passwords. Then they would be legally liable. That actually makes sense.

@user-tp8ht4xv6f 9 місяців тому

Your password is most likely stored as hash, and if your password is secure enough it will not be recovered by an attackers

@kevinsmak 4 роки тому

$50 a call to reset a password? Come on it takes 2-5 minutes of someone that gets paid about $12 an hour...I know I use to be that $12 an hour person long ago.

@mrparts 4 роки тому

kevinsmak it’s not just the cost of the person. It’s the whole cost of the systems, labor, office space, etc to handle the calls.

@marczhu7473 4 роки тому

very nice 3 call each day and you are set for the daily work.

@dannydaw59 4 роки тому

They can just have you reset the password via email instead of call a person.

@genrabbit9995 4 роки тому

@@dannydaw59 And if its the companies email password they need? Some companies bans the use of gmail/hotmail etc.

@siredward9568 4 роки тому

Someone didn't get paid $$ / got ripped-off.. 🤣🤣🤣

@abishek9551 4 роки тому

This video is sponsored by LastPass.

@ReaganVFilms 4 роки тому

LastPass I used to use it but I never use it since if you forget your password then you would never get it back.

@abishek9551 4 роки тому

@@ReaganVFilms your job is to remember just one password. And there are redundancies if you forget your password.

@higate_col 4 роки тому

@@ReaganVFilms you can enable recovery options against almost all password vaults

@abishek9551 4 роки тому

@Adithya R but it is open source with no first party android/ios app. Lasspass has chrome extension and Apps for phone which are synced. Which is more convenient.

@abishek9551 4 роки тому

@Adithya R Your data is encrypted and decrypted at the device level. Data stored in your vault is kept secret, even from LastPass. Your master password, and the keys used to encrypt and decrypt data, are never sent to LastPass' servers, and are never accessible by LastPass

@uniquechannelnames 3 роки тому

**Goes to weleakinfo.com** This domain has been seized by the Federal Bureau of Investigation. Oh.

@davidabulafia7145 3 роки тому

With finger prints you can get a sleeping or unconscious person to forcibly put their finger on their laptop or mobile.

@pauldailey4477 3 роки тому

@@davidabulafia7145 Sure David, with roof toss you can splat. The fact is that the entire notion of security is a sham with entities like israel around f*cking with humanity. You assholes have taken unauthorized butt pic selfies of mine. Is it only coincidence that these were the moments that I was reaching out to you with fresh dung offerings?

@MFlint-un2tq 3 роки тому

D.S Tice, You went to the wrong site

@MariaTurner161 3 роки тому

@420 Friendly " you must log in first " I find that funny

@KangJangkrik 3 роки тому

Bruh use tor browser, it works

@ravineseder3133 4 роки тому

This will start an industry of lifting and duplicating voices and fingerprints.

@andrew_koala2974 4 роки тому

Now there is a business opportunity selling voice changers.

@janguvpes7518 4 роки тому

I do worry what possibilities there may be in this respect. Can well imagine neural network technologies advancing to the point where this isn't difficult, especially with voices and faces

@josephsvennson5694 4 роки тому

Of course, how else are lawyers supposed to make money if they're not out there defending you in an endless case of stolen identity where your likeness has been hi-jacked.?

@PantherDave 4 роки тому

You'd better get used to changing your voice and your fingerprints!

@tonic316 3 роки тому

Wrong. Some China hacker who lives in a basement isn't getting this. They are hacking using passwords. By using 2 factor or password less they aren't getting in.

@FahadAli-qr5sk 4 роки тому

One thing this report failed to say… The same Password still required to reset, change or even remove biometric security

@emerickpilvard8470 4 роки тому

It's said but in the case of Apple's Face ID recognition fail

@alvaroarellano5922 4 роки тому

Because I was thumb or face password for so long I forgot my actual password so when I bought a new phone I lost all my photos of my kids throughout the years. I try to recover it through email but same thing been so long since I typed in my password for my email I can’t remember it

@Jem_Apple 4 роки тому

Alvaro Arellano you should download google images so u can store everything there aswell. Just as a back up & it’s completely free

@hafizyunus4695 4 роки тому

@@alvaroarellano5922 i guess thats why two factor auth is better. You have to use both

@DantesInferno96 4 роки тому

@@alvaroarellano5922 it's better to write down your password in a diary or something. I store mine in last pass because I have so many accounts.

@kaloianmitrev6279 3 роки тому

I trust my 24 char pass more than Google, Microsoft, Facebook that have multiple lawsuit for privacy breaches and now anti-trust lawsuit

@uploadsadlibitum6264 3 роки тому

Microsoft doesn't have anti-trust lawsuits (:

@ThomasBomb45 3 роки тому

@@uploadsadlibitum6264 they did a decade or two ago

@nateofthesouth 3 роки тому

AMEN!

@carolynworthington8996 2 роки тому

But how do you remember them?

@kaloianmitrev6279 2 роки тому

@@carolynworthington8996 its called brain you train it and starts remembering you abandon it and you start believing that natzis were peacekeepers

@TonyP_Yes-its-Me 3 роки тому

Tech companies: "Use voice, face, and fingerprints". 2020: Wear masks, and gloves. Tech Companies: Oh, FFS!

@thisone.person.1310 3 роки тому

Samsung had the iris scanner going on in their older flagships, would have been about perfect for the situation now.

@mmalouf 4 роки тому

2030 - Experts say that microchipping people is the only way to truly authenticate users

@harmonythebassethound3224 4 роки тому

I don't have a microchip but that pesky cat that lives with me does. She gets on instagram all the time when the human is at work.

@nateromanowski793 4 роки тому

sadly, probably accurate.

@ferry602 4 роки тому

They can start it on you.

@nateromanowski793 4 роки тому

@@ferry602 anyone is up for grabs

@samsonpapaya8716 4 роки тому

Mitchell Malouf experts huh? I’ve raised 4 boys, would that make me an expert in raising children?

@oliverizzard8751 4 роки тому

I'd rather my data gets breached than give you a retina scan ...

@leslieharding3202 4 роки тому

Fn right. Corporations can not be trusted anywhere anytime for any reason. You can trust them to use and abuse people.

@andrew_koala2974 4 роки тому

I am working on a system that uses a rectal scan.

@Corpse0000 4 роки тому

@@andrew_koala2974 lol

@MooMoo69556 4 роки тому

Wow just wait until you learn about drivers licenses and social security... 🙄

@nicholasinbusiness 4 роки тому

@@andrew_koala2974 LOL

@johnunvaxxed1918 3 роки тому

title should read: How Big Tech Wants To Centralize Your Identity (to track you even better)

@Noblyuntruthful 3 роки тому

Gotta keep a tabs on all the cattle lest they get antsy and want to rebel.

@optimisticnihlist9705 3 роки тому

Fear of Big Tech existing is such an American thing. Stop being so sensationalistic and get over yourself

@sergeysmirnov1062 3 роки тому

"And then you type - and possibly mistype" XD During that he literally sounds like one of those infomercial guys, only missing was the greyed out background footage of people trying the most stupid and impractical ways to type in passwords with a big red x across the screen

@browney89 4 роки тому

$50 to reset a password, ok mate.

@britbc4461 4 роки тому

Yeah that was weird. I guess if you take two people's salaries for 10 minutes, plus some tech???

@Thelostboots 4 роки тому

Wouldn’t it be lower because most of them use India it people, their wage costs are lower?

@abeplus7352 4 роки тому

It's automated , the money spent is whatever the server spent processing your request . This is rubbish. Ie the energy output.

@Thelostboots 4 роки тому

S C I’m pretty sure he was just generalizing his figures, it’s not his math that we’re questioning

@Brucelee89896 4 роки тому

i work with servers and people woul call me everytime to reset passwords lol 🤣🤣

@goldwinger5434 4 роки тому

"Hey Jim, can I use your computer to print something?" "Sure, let me rip my face off so you can log in."

@boboften9952 4 роки тому

Remember how you had your photo take at the staff function ........ There's been some files that have been / taken / altered / stolen /deleted and your / fingerprints / facial photo / is the link .....

@omairtech6711 4 роки тому

LOL. That was a good one 😄

@jen_nice2059 4 роки тому

Haha a joke...yay

@nicholasinbusiness 4 роки тому

LOL

@brandonakana4930 4 роки тому

Would a picture of the person do the job? or holding a phone in front of the person's face when they sleep? Hmm

@excitedbox5705 3 роки тому

Apple's 1 in 50k was actually a downgrade. If 1 in 50k random fingerprints unlocks your phone that is like having a 3 letter password. It would take the same number of tries to try all combinations. Same with the face id 1 in 1 million. Having an 8 character password gives billions of combinations and is much more secure. All these biometric systems such as voice and face scans can be faked by a computer AI. You would really need to have some way of making sure that what it is looking at is alive and not a recording which is not possible on a system that a person has physical access to. If I can get at the wires of a camera or biometric sensor I could feed it a video I took while walking past you and get in. Imagine if the government arrested you and wanted to get into your phone. They drill a hole in the back of the case and solder some wires to the camera and attach it to a computer USB port. The USB port outputs a video/data feed that was recorded with another iphone while walking past you in an interrogation room and the phone unlocks. A password however is encrypted inside the phone so without knowing what it is you would need to crack the encryption on that password. The only secure password is a long password that you know and nobody else.

@martyk1156 3 роки тому

Facial recognition and thumb print is a good way to ensure that you do not put a piece of tape over the camera allowing them to record your actions at will.

@mlfmlf8755 2 роки тому

That's true! 🤣🤣🤣🤣 I have a piece of tape on my mobile front camera🤣🤣🤣🤣

@LJLion 4 роки тому

Voice recognition isn't effective. What happens when you get a cold and loose your voice? You're screwed.

@trash0175 3 роки тому

Carlo Cocciolo just use both fingerprints and norm password

@mscolli3 3 роки тому

I work in voice recognition tech -- voices are not that unique.

@thevideoends617 3 роки тому

Does burning your hand on a hot pot change your finger print til it recovers? This would be another realistic issue

@pkj6684 3 роки тому

@Carlo Cocciolo Use your other finger (which hopefully isn't compromised) Or just stay with passwords I suppose

@MACAVELLE50 2 роки тому

@@mscolli3 and super easy to reproduce with a sample.

@toddgattfry5405 4 роки тому

It's not OK to be giving your biometrics to these businesses

@bluewaters3100 4 роки тому

I agree. It is for AI tracking and learning. It makes me uneasy. I refuse to use it on my phone.

@janguvpes7518 4 роки тому

Indeed. I encourage people to search for "surveillance capitalism". I'm very uneasy about handing over biometric data. From the sounds of it, that FIDO standard is supposed to protect user privacy by keeping everything local at least.

@c182SkylaneRG 4 роки тому

@@janguvpes7518 Yeah, I'd like to know more about how that works. Okay, you can access the local device, but what happens if you need to borrow a friend's phone or computer to look something up on your UKposts account? Without passwords, how do you identify you're you without giving biometric data to the receiving company? You buy a new computer, but you still have your old one because of the data stored on it. How do you reestablish all of your accounts on the new computer if the receiving end has no way of authenticating who you are? I'd be very interested in knowing more about how this is all kept "local".

@janguvpes7518 4 роки тому

@@c182SkylaneRG I believe it works by communicating a hash number to servers, so that this could be in common across devices, but what's not communicated is some key on a local device, which is translated via an irreversible algorithm locally. Or something like that... I'm not especially well informed about it. But you can see how the principle is in play with the biometric dongles used in MS in the news report.

@c182SkylaneRG 4 роки тому

@@janguvpes7518 Actually, the news report shows you literally nothing reassuring, just that you put your fingerprint into a magic black box and it grants you access. However, your mention of "hash" and "irreversible algorithm" reminds me of a few videos Tom Scott has made on the subject, which I'd forgotten about. He DOES go into the details about how the mathematical algorithms work to force passwords to only go in one direction, and not be visible on the other end, while still authenticating the user.

@funny-video-YouTube-channel 4 роки тому

Will grandmothers be able to adopt to that ?

@jhlords2 3 роки тому

No unless they are cool grandmothers

@TheLordOfNothing 3 роки тому

Mine keeps forgetting hers. I know. She’s still alive.

@sanskaarkulkarni1036 3 роки тому

@@jhlords2 Tbh they havnt adapted to passwords, they will be better off with biometrics.

@unicorndnaranja5865 3 роки тому

How is storing biometric info on a server any safer than storing passwords on a server?

@drsudhirdehariya9107 3 роки тому

@@jhlords2 vc V

@jlcii 3 роки тому

Yeah, Im not giving up my fingerprint or eye scan for security. The thieves can take my money, I'll keep my body....

@PyPylia 3 роки тому

So what they know what your right thumb or left eye looks like? That isn't you just a tiny fraction of your body. Plus fingerprints aren't even unique.

@ThePaintballreviewpb 3 роки тому

You get to keep the finger or eye lol

@haserotmalach7324 3 роки тому

I agree with you but I'm pretty sure they already have all that info about us, unfortunately.

@optimisticnihlist9705 3 роки тому

Americans are so overly sensationalistic with their privacy and big tech... Get over yourself 😂

@DavidHalverson 3 роки тому

Retinal scanners is a way better security protocol to have, it's like your fingerprint can't be used without having the eyeball present...or the rest of the head.

@GURken 4 роки тому

nope, still don't want to give my biometrics to these corporations

@sanchitjain3498 4 роки тому

@Wuanslm then why the hell are you using their services?

@theonlyivan7610 4 роки тому

GURken Why the government already has it

@linuxinside6188 4 роки тому

@@sanchitjain3498 Does that means that they are allowed to compromise privacy ??

@sanchitjain3498 4 роки тому

@@linuxinside6188 Well they have policies which prevent them compromising with our privacy.

@sanchitjain3498 4 роки тому

@@linuxinside6188 And the biometrics are stored in your own device, they don't have any access to it

@kidkurmudgeon7015 4 роки тому

phones using fingerprint rather than password protection can be accessed by police

@coughodemon8592 4 роки тому

I mean it's going to be quite pricey

@YourTVUnplugged 4 роки тому

Yea and that's exactly why they are doing this push... A fingerprint is literally just a password when it comes down to it, except one that can't be changed... And one they already know since they pretty much have everyones fingerprint already.

@josephsvennson5694 4 роки тому

Of course, how else are they supposed to jam your as$ up?

@MrAwesomenaut 4 роки тому

YourTV Unplugged the cops dont have everyones fingerprint. They put your fingerprints in a database when you get arrested, so the only people that would be vulnerable to this are people who got arrested before

@cocojumbo197 4 роки тому

@@MrAwesomenaut actually many jobs require you to have fingerprints taken

@la-zrider2749 3 роки тому

Sounds like a bad idea: If they hack their system they can steal my password, but I can change it later. If they steal my fingerprints / retina how am I supposed to change it later? Also by stealing my eBay password, they will never be able to log on my Instagram account, but if they steal my retina / fingerprint they will be always able to log in in every platform I use.

@Thomot512 3 роки тому

I agree with you. Lately I found different videos about this topic. It seems that even voice recognition is rather "easy" to bypass using a laser beam directed to a mini microphone. I don't remember correctly how it worked but SmarterEveryDay made a good video about it. Fingerprint is something we let behind us everyday and anyone could find and copy them. The face is even worth, there are video surveillance everywhere. I also saw some guy unlocking his smartphone by showing a video of himself on an other smartphone. Password managers like KeepassXC with a (one) good password and a Key File seems like a much safer option to me. And as a bonus we do not need to give our face and fingerprint infos to company like Google that are very well known for not giving a sh** about user privacy.

@swaggydaggy5579 3 роки тому

If these companies get hacked, no one is stealing your password... they're stealing an artifact that has been generated by your password called a "hash". It's not the actual password. Let me repeat that again. Google, FB, etc. do NOT store your passwords. Similarly, they won't actually store your biometrics.

@ericyang9404 3 роки тому

@@swaggydaggy5579 Yes, however some companies will have bad storage techniques, such as plaintext or MD5 just like for passwords, will they not?

@MaximusAlcarinque 3 роки тому

@@ericyang9404 What company is using plaintext or MD5 in 2020?

@ericyang9404 3 роки тому

@@MaximusAlcarinque I guess www.forbes.com/sites/daveywinder/2019/07/02/confirmed-2-billion-records-exposed-in-massive-smart-home-device-breach/#41d954f2411c, or maybe haveibeenpwned.com/PwnedWebsites#DemonForums I guess nobody really uses these, but some sites like haveibeenpwned.com/PwnedWebsites#Tokopedia are still using salted MD5s. And haveibeenpwned.com/PwnedWebsites#Tokopedia, SHA-1s, essentially the same in hashes I guess

@chancerobinson5112 3 роки тому

Pretty sophisticated way to blame the victim, and not all the data miners like, Yahoo, google, banks, etc. who get hacked.

@burningwp 4 роки тому

"Our bad habits?" Oh sure, we decided this was the way to do things, not the companies. And even though passwords suck, let's make a few things clear: the alternative is either more money for them and/or less privacy for us.

@chrisr6828 4 роки тому

Wish I made $50 every time I got a call for a password reset.

@timmelton856 4 роки тому

Maybe you are unaware that you are contacting a business for IT support or a division (of the same company) has to show a use case though profit. Any tech has to perform at certain matrix; one of those is dollars per hour, remember that is not how much the tech gets paid. The use case or profit is on the ROI. Wages are just a part of the P&L statement. Some of that has to pay for the equipment and facilities etc (e.g. bathrooms).

@youKnowWho3311 4 роки тому

Help desk pay + PTO + cat sick days+ Loan forgiveness + physical cube inside of massive city center real estate+..... do I need to continue?

@Declare57 3 роки тому

Oh, a such a shame we are costing Microsoft money. I'm so sorry for them!

@evm6177 3 роки тому

🍷😆

@Veltorb 3 роки тому

The more you cost to them the more they're apps will cost you and the more data about you will be collected to be sold, so you should stop antagonizing big companies, if you don't like them just don't use their services

@nofanfelani6924 3 роки тому

How can people not antagonizing them if they tell us such bs

@Veltorb 3 роки тому

@@nofanfelani6924 what bs are they telling us?

@nofanfelani6924 3 роки тому

@@Veltorb Can't you tell from the original comment? If not, then alright. Have a nice new year!

@AlexandarHullRichter 3 роки тому

I like the idea of question and response for a password. The question and response should both be completely free form though. You don't have to remember a complicated password because the computer will simply ask you to recall the answer to a question you told it to ask. If the answer the computer requires can be a full sentence rather than a single word, that makes it far more secure as well.

@MaryamMaqdisi Рік тому

That kind of sounds like a password but with a hint

@_MintArcade 4 роки тому

Companies: we don't want to be held liable to our *plaintext password* leak anymore

@Mas3452001 4 роки тому

Feel like the FBI watched this and then went "oh snap!" and started snatching up these leaking sites lol

@dreadpiratelenny1348 4 роки тому

Matt S- Was thinking the same. Propably what happened, for real! The alphabet dudes really are just an inept bunch of dorks with pistols, it seems.

@Roxor128 3 роки тому

It seems like most of these companies are trying to go from one-factor authentication with passwords-only to one-factor authentication with biometrics-only. Problem with biometrics is they don't require you to cooperate with someone who wants in (likewise for keys). If your phone uses fingerprints only, and someone has you tied up, they can just force your finger onto the sensor and get in. Now, if you combine biometrics with a password, forcing a finger onto a sensor only gets you halfway there if the person won't cooperate and tell you the password. Of course, the best approach is to combine all three methods and have a password, a physical key, AND a biometric scan, and require all three to be valid before giving access.

@gamingtonight1526 3 роки тому

Passwords are not very secure, but they give us freedom, anything to replace passwords will mean less freedom, and will probably not be any more secure in just a couple of years! As in 4:30 (pause and read the text just under what was highlighted and commented on!)

@muffinlovin 4 роки тому

....so to protect our information we must provide more information? Like facial features and biometrics on top of our passwords? Why does it sound like we're giving them more leverage... or....am I just paranoid.

@justinmiller1118 3 роки тому

Nope. This is a terrible idea. You are 100% right. We need to fight to preserve the password. It is the only way to preserve privacy and security. That is why big corporations and authoritarian regimes hate the password so much.

@jalenec 4 роки тому

That sounds like a cool site, let me go che-- THIS DOMAIN HAS BEEN SEIZED

@jofx4051 4 роки тому

I activate PotOfDuality

@alexandremercier8851 4 роки тому

Jofx what do you mean?

@jofx4051 4 роки тому

@@alexandremercier8851 Just a cross reference to Yugioh, nothing means related to video lol

@DLCS-2 3 роки тому

@@jofx4051 better one HeartOfTheCards. It always has the answer.

@coolcatalesha 3 роки тому

literally i was like omfg ive never seen this before

@erkdoc5 3 роки тому

"Bad passwords are really easy to hack" them: "the typical password is too easy to hack"

@PowerPenguin117 4 роки тому

Remember. The court cannot force you to say anything, including your password, to prove yourself guilty but the court can force you to surrender any hardware keys which might get you convicted.

@Aelfraed26 4 роки тому

I keep all my passwords in a spreadsheet, but they're "encrypted", that is, written in a way that only I understand, so they help me remember what each password is for each site or service.

@stewartanderson6560 4 роки тому

Lol

@Bloodwolfz4 4 роки тому

Wowwwwwwwwwww so what’s your girlfriend like?

@praetorxyn 4 роки тому

Just use a password manager. Preferably one open source and capable of auto fill on all devices like Bitwarden. You can self-host a lightweight Rust implementation in bitwarden_rs if you don't want your vault to live in Azure servers.

@praetorxyn 4 роки тому

@jeffrey vaughan If it's behind a 7 word diceware passphrase good luck with that. Not to mention if a hacker has local access to your computer to take advantage of that you've already been hacked.

@sharfuddinmohammed77 4 роки тому

ISuckTiggos More beautiful than your non existent one may be

@matthewguthrie7675 4 роки тому

People fear their face and fingerprints being recorded and getting in the wrong hands.

@andrew_koala2974 4 роки тому

Anyone who has been arrested, even for minor offenses has their fingerprints and Photograph recorded. In some cases, swabs are taken for DNS records under the pretense of undertaking a drug test.. Biometric data security also has as many holes in it as a Swiss Cheese.

@sundhaug92 4 роки тому

That's why doing it on the local device is so important

@Overload151 4 роки тому

@@andrew_koala2974 Just for being arrested? In my contry all of my fingerprints were scanned when I was getting my citizen ID. Not gonna lie, they do use it for authentication, as later that day I had to authenticate and any of my fingers could do

@kindanyume 4 роки тому

for damn good reason!!! Hong Kong anyone??

@AJ42069 4 роки тому

Imagine having ur full name as ur username and you post selfies online but complain about face n fingerprint readings in the wrong hands.....lmfao what on earth would a criminal need or want ur selfies or prints for 😭😭😭😭😭

@abifaiq9645 3 роки тому

For a second I thought dashlane was going to sponsor this video with it's one click complicated password ad

@danharvey3096 3 роки тому

Have never used facial recognition or thumb-print biometrics, it just seems too open to abuse by a future authoritarian government if you ask me, particularly considering our cameras and mics can already be turned on remotely via the mechanisation of the apps we use. Facial recognition surveillance is made much easier when our biometric data is processed in the system rather than just some still photos. Plus biometric details can still be hacked anyway. So I stick with a complex password combination which I remember, but I change every so often, and I use Google authenticator or Authy where possible.. I don't see how Google authenticator is any less secure than biometric anyway since it's a very limited time code which has to be viewed in person..

@uniquechannelnames 3 роки тому

Seriously go get a physical security key (like a yubikey). They don't use any biometrics (well a new gen of Yubikey is introducing a fingerprint on the conductor but I'm nearly 100% sure that will only be stored locally on the key not on any server, but the 5 series just has a plain conductor button to prove your pushing the button) and dont use any personal information. The keys are not tied to your identity. They are also waaay more secure than facial or biometric data, they cannot be copied, cannot be spoofed, and are immune to phishing (unless you mail your security key to the scammer physically lol). Most major websites have integrated at least Yubikey, if not most U2F keys. Yubikey is also great cause they're designed very sleek and thin, even the USB-A plug in key is about 1/8 inch thin. You can look up plenty of youtube videos explaining how they work, how amazingly secure they are, and really are the best all in one option for both security and maintaining personal and biometric privacy. Much more secure than Authenticator (although one-time password apps like Google Auth. and Authy are quite secure themselves unless you get Man in the middle'd or phished/fake websites that can enter your 6 digit passcode quickly, it's possible). But with security keys they need the physical key and to push a button on it physically to authenticate. Best option in my mind (and many top experts in the field).

@Donteatacowman 4 роки тому

I was waiting on the discussion about how crappy biometrics actually is at security but I'm at the 11 minute mark and it's just an ad for tech companies... nvm.............

@omarh1315 4 роки тому

How in the world did you come to the stupid ass conclusion that biometrics are crappy security.

@stevenoviedo541 4 роки тому

It's MSNBC what did you expect. They are corporate crooks

@omarh1315 4 роки тому

@P Ciprian very, very wrong. This isn't 2005 biometrics. Unless it's optical you 100% cannot imprint the biometrics. Even if you could that's still 1000000x safer then passwords lmao

@kindanyume 4 роки тому

@@omarh1315 /facepalm

@gernottiefenbrunner172 4 роки тому

@@omarh1315 you do realize that the data must be transmitted at some point, right? simply having access to its binary representation is enough. Some website IS going to leak it, and at that point, hackers have a guarantee that you use the same password everywhere else, and you can't even change it.

@lairdriver 4 роки тому

And people thought Skynet was fantasy. You get addicted to the technology and they force you to sacrifice your privacy and identify. It's weird and disturbing.

@Noblyuntruthful 3 роки тому

They would argue that they have the users 'consent' as you have the choice to refuse their services.

@alexandergonczi3732 3 роки тому

I think its because of the proprietary password managers. You get dependant on for example of Apple's password managing systems and the switch to let's say an Android device gets harder and harder. Some 3rd party password managers do this too: The 1. Device to use the manager is free but you have to pay for more devices. The possible scenario: Your password manager changes all your passwords to a more secure one, but now, if you want to use your password on another device, the only easy option would be to pay the subscription for more devices. Because you depend on it.

@PeterJ-cb3vk 3 роки тому

I'm starting to appreciate the 60's and 70's even more. Life was so much simpler.

@RaizerZ 4 роки тому

Watch when they want to chip us as the alternative to passwords.

@hitom43 4 роки тому

"Ethical hacker" =)) . The passwords are like locks for the door, everyone with a certain knowledge could lockpick it or with raw power could break a window or the door and not care about the lock, but you still lock the door because it acts like a discouragement and a psychological barrier. Keep your passwords safe and have a nice day.

@Luxalpa 4 роки тому

This analogy is entirely false. Nothing about passwords is comparable to door locks.

@hitom43 4 роки тому

@@Luxalpa Then I might suggest you look on how a lock works. Virtual or physical, they both share the same principle and concept.

@zdcyclops1lickley190 4 роки тому

I never lock my doors, why would I? I have nothing worth stealing, don't care if I die tonight.

@AssTelescope 3 роки тому

And when the bad guys have your fingerprint then good luck changing that

@darthvader5300 3 роки тому

DNA scan cannot be copied.

@KrishnaAdettiwar 3 роки тому

Touch ID looks underneath your first couple layers of skin so the bad guys would literally have to force you to put your live finger on the sensor for it to work lol even a chopped off finger won’t work because the cells underneath would be dead

@royk7712 3 роки тому

They usually use ultrasonic to create 3d map of the finger. So u can't just use fingerprint and use tape to copy them and put them on your finger

@AssTelescope 3 роки тому

@@KrishnaAdettiwar my point is that once the uniqueness of your fingerprint has been digitised and its public it can't be changed like a password can be.

@pdxmusl1510 3 роки тому

Here's how to hack a fingerprint. First, let's just assume there's a data breach already and your finger print is easily accessible to a bad person. Because that's inevitable anyway and that's not the real challenge. But all you'd have to do is modify the device to bypass the sensor and upload the scan in the expected format. Maybe with some random noise. Im not saying it would be really easy. And it would mean you'd need access to the device long enough. But stuff like this is already out there. Fingerprint scans on there own are an effectively useless security measure once its been compromised.

@NWAWskeptic 3 роки тому

Keep in mind that right now for your phone or computer, the cops cannot make you tell them your password. But they can forcibly make you unlock with fingerprints, USB dongle, face recognition or RSA soft token that you possess. I agree that passwords are the least secure of them all, but I also think it is a valuable component when bundled as part of a multi-factor authentication environment in situations where you could be compelled against your will to unlock a secure device.

@fujihita2500 4 роки тому

I have watched the first Avenger movie so no thank you, I'd like to keep my eyeballs in their sockets.

@AndyHage 4 роки тому

Imagine wearing your password on your face, every day and everywhere you go.

@angelgjr1999 4 роки тому

Andy Hage Yup. Face ID is a joke. The Chinese already know how to do biometric scans on mass populace with cameras on the streets.

@bbman10pwns 4 роки тому

Facial recognition security cameras are already being deployed by government agencies, and I have to imagine they'll inevitably be available for the consumer market. May not be 10 years, or even 20 years, but there will be machine learning/facial recognition cameras widely available. Facebook already has the largest database of available faces to test against. 100% spot on when you say it's not a good idea to wear your password on your face when ANYONE will be able to scrape that information. What will happen then? Probably won't even need physical access to the device to feed spoofed credentials into it via camera api or whatever.

@mrfreshman521 3 роки тому

0:04 he is very determined 🤣

@dhelsel89 3 роки тому

KeePass is a solid free open source password manager that stores all of your passwords wherever you choose (not a centralized database) and will auto generate a password for you depending on the parameters you set for it. For anyone who doesn't want some James Bond style fingerprint lifted off your scotch glass and then open all of your accounts.

@krisb-travel 4 роки тому

lol $50 per call, that comment made me loose interest, this dude is just doing a sale pitch, dont bother watching

@GodleyX 4 роки тому

What? You mean you don't make $100 per hour answering phones?

@aznfratboy1 4 роки тому

There's the cost of infrastructure to establish the programme, the training, the software and hardware required, not to mention the lost productivity. If you're going to say something, at least make it sound like you're not aged eleven.

@timmelton856 4 роки тому

@TacticalRick507 4 роки тому

Yeah, I know that when I call India I am paying 50 per call, what a lie. This is biometric registry propaganda. They left out the real reason passwords no longer work. Qbits

@SWLinPHX 4 роки тому

Loose rhymes with goose and is the opposite of tight.

@CristianLopez-xi4rt 4 роки тому

So now hackers are going to get my password but my face my voice, my retina, and my fingerprint. Thanks!

@KhanPiesseONE 3 роки тому

Biometric data is not shared to the internet. Your Android, Windows, iOS, or MacOS devices, do not share your finger print data or facial recognition data to the internet, all the detection and analysis is done on the device and it is impossibly difficult for hackers to steal your device, and then physically unencrypt that data.

@soha786sajju 3 роки тому

Peter Mortensen yes

@johnwang9914 3 роки тому

Remember the "Demolition Man" scene where the eye was speared on a pencil to access via retinal scan. It can't be by the revealing of identifying information, it has to be a challenge response of a one time password not the revealing of something static such as a fingerprint or a retinal scan. Unfortunately, to make a challenge response one time password convenient requires implanted chips or a token device such as a phone which represents your identity.

@insanitylol 3 роки тому

Khan Piesse it’s still able to steal. if analysis is done on device, surely you just hack the device. Call me stupid I’m fine, but nothing is unhackable. Hackers will do anything they can in their power to steal your data.

@brendenblackburn2803 3 роки тому

@@KhanPiesseONE That's the thing, you have no way of knowing that. You're relying on their word. The software is proprietary, so you can't actually know what it does.

@mitchellbrusseau 3 роки тому

My password is 46 characters long and I use 4 factor id settings to make sure all my accounts are secure. A password is essential. As a person who's had many personal security issues due to fraud and identity impersonation if I didn't have such long passwords and the other steps for logging in to an account I'd be in very bad shape financially.

@sebasfavaron 3 роки тому

I feel like password managers where very intentionally left out to serve their agendas. Cmon.. password managers are great, you get really tough passwords, can share access to Netflix without even sharing the password, login info gets inputed automatically if you want. And if you don't trust the companies providing the service (they say your passwords never get to them unencrypted, i.e. they couldn't use them even if they wanted to), you can always run a service like that locally

@uniquechannelnames 3 роки тому

Yup, and on top of that, you can layer the unlocking of your database file with something like a Challenge-Response from a Yubikey on top of your master password. Only threat you face then is somehow leaving it open on a device, or getting a clipboard malware/keylogger on your computer. I don't see how the file itself could possibly be cracked with both a long master password as well as a Challenge Response on it. Still, it reduces a lot of other threats, leaving only highly targeted attacks. (As far as I know I'm not a professional)

@danyellhenrique 4 роки тому

Who else went to WeLeakInfo just to find out that it has been seized by the FBI.

@davidbeppler3032 4 роки тому

That is illegal. The FBI has no right to interfear with a money making business. Companies have rights. Capitalism at work.

@Rillant 4 роки тому

@@davidbeppler3032 It was the Dutch police, not the FBI perse.

@frankyflowers 4 роки тому

the FBI seized a website without due process? not likely

@angelgjr1999 4 роки тому

It was done by German and Italian police. FBI just allowed it.

@ShidaiTaino 4 роки тому

David Beppler are you stupid?

@shahnidismail8941 4 роки тому

So that corporations can know where we are, what we do and what we want. Oh wait they already know all those things.

@mateuszbak1060 4 роки тому

Oh wait they also already know all those things.

@operatorjewski9450 4 роки тому

@@booomkiller it doesnt matter compare that when going outside.

@TK-gd9td 4 роки тому

dont forget to polish your tin hat to stop the 5G wireless signal from controlling your brain.

@aboxintheblack9530 4 роки тому

Shahnid Ismail what we think

@jmtrad1906 3 роки тому

I did something to standard my passwords but make a difference one to every site. That's how i did. > a normal password > a symbol > a upper letter based on the site/service name > a number based on the site/service name > another symbol

@MooseBme 3 роки тому

"BREAKING NEWS!" LiKe everything else... "security" IS AN (inconvenient) ILLUSION!

@MaxBeamer 4 роки тому

Uhhh what if I want to share my computer with someone? I call home and need my wife to email a paper to me at work?? How can I tell her the password if there isn’t one lol

@evm6177 3 роки тому

🍷😆

@BONGONDORForthewin 3 роки тому

Well you are sol guess you shouldve used a password

@BONGONDORForthewin 3 роки тому

@George Armstrong you cant remote unless its already unlocked

@zeesworld3371 3 роки тому

life size print out or silicon head 😂

@fuzzhead76 3 роки тому

You should never be sharing your password with anyone. The shared rights should exist on the device or data inherently.

@1337flite 4 роки тому

"phishing attacks are caused by passwords"? phishing attacks are used to gain passwords. Microsoft needs a new taklking head. That was an unclear statement at and just wrong at worst.

@angelas5099 3 роки тому

Well, the existence of passwords is what causes phishing attacks to exist in the first place. They aren't wrong. No passwords means there is no use of phishing attacks so they won't exist.

@hydrus77 3 роки тому

None of this is the real reason they want you to ditch your passwords, wake up people

@givemefeedbacknerds4507 3 роки тому

Explain?

@Rod-bp8ow 3 роки тому

Passwords are the best things in life to each and everyone that always would like to be tested for their instincts. It is the way people retrieved what needs to be retrieved from their own thinking respectively. It makes them certain in their many ways, while being accurate to details. Passwords are created not to harm, they are designed to be able to bring out the best things that every individual possesses.

@fruitypicks4167 4 роки тому

NBC using "big tech" like they're not part of the establishment lol

@kristenpaul7159 4 роки тому

You all of a sudden have become a must watch youtube channel, good on you. Keep up the good work. Keep me informed.

@kagitsune 2 роки тому

Thank you, FINALLY someone realizes how easy it would be to spoof a 2FA request. Too bad he was biased or wrong about basically everything else. 🙃

@sounsure9108 3 роки тому

My iPhone never lets me in by touch age and wear on my fingertips! I was a art print maker and used a lot of acid and solvents and then a housewife

@litestreamer 3 роки тому

same with some massage therapists.

@cferracini 4 роки тому

Me: *wears makeup* Laptop: I have never seen this woman in my entire life. Funny enough, it has no problem recognizing me with no makeup and hair partially covering my face

@pikachu5647 4 роки тому

this tells how many men are deceived by makeup everyday

@keithmoriyama5421 3 роки тому

@@pikachu5647 It's not deception when women do it.

@jathebest2835 3 роки тому

@@pikachu5647 Simple men out there should take your advice...

@roboko6618 4 роки тому

The photoshop work on the weleakinfo fbi seizure page looks like something i'd do when I was 12

@juanvillalobos9044 3 роки тому

Two Step Authentication is the best, not even the owner can log in if they change their phone number😆

@Balikon 3 роки тому

For each password, I learned a password-phrase of which the words 1st letter or number are part of the password. Fep,Ilap-powtw1lonapotp If my password is a coulumn of digits, I learn the pattern when I enter it on my numerical keyboard. By doing this, I can create complex passwords and keep them in mind. May take a moment longer to type the password in. Sometimes I am still confused with password, but I never forgot one.

@will2r 4 роки тому

if the fingerprint is stored as mathematical data on the device, isn't it essentially just a password?

@sunmethods 4 роки тому

The problem with authenticating ONLY with biometrics is that neither face ID nor touch ID actually require you to consent to authentication, or to even be conscious. A somewhat extreme but necessary example to prove the point: Imagine you're tied to a chair by some bad actor or/and perhaps some authoritarian government agent. If this bad actor wants access to private data on your device, they would simply have to wave the device in front of your face, or go behind you and press your hand to the fingerprint reader. Again, your consent, nor consciousness, nor LIFE is required for that. Any biometric authentication scheme needs to be backed up by some proof of the user's active, intentional engagement with the device.

@cat-.- 4 роки тому

In that case if you have a password you will be tortured

@johnwang9914 3 роки тому

Security has always boil down to having both what you have and what you know. Passwords are what you know, second factor authentication is what you have. Unless they want to chip us and have challenge response authentication, we will never have security beyond these two aspects of authentication. I'm surprised more people don't use password managers and use randomly generated passwords.

@MaryamMaqdisi Рік тому

Agreed

@johnqpublic6228 3 роки тому

- Why do companies and computer companies restrict passwords to 8 to 15 characters? On top of this, the systems has purposely restricted passwords to only allow 128 ascii character sets in stead of 256 ascii character sets. In utilizing the 256 character set passwords would be a hundred times more secure then what is allowed today. Tactics such as "brute force", would become useless. Places such as your router will still require passwords and the larger and more complex is better. Also remember that the USA government has backdoors implemented in your router even as you take it off the store shelf. Use a hardware key if you really have issues with passwords. Your privacy is in jeopardy, be on guard.

@cspicer77 4 роки тому

Last I checked law enforcement can make you give up a fingerprint or face recognition to unlock a phone but they can't make you give up a password.

@ayecarumba4928 4 роки тому

You are the only one that's making sense here

@dizzywow 4 роки тому

@@ayecarumba4928 I made the same point.

@2011smperry 4 роки тому

""Ï don't believe there's any such thing as a bad password, only a badly created password."

@carpettunnel8837 4 роки тому

The 2 are very distinct issues. You could have an alphanumeric password that appears to have an entropy of 128 bits but if you generate that password “randomly” using software that had a vulnerability in its random number generator, it’s possible that password generation is deterministic in nature (not truly random) making your password vulnerable. This is mostly applicable to encryption keys and such, not so much service provider websites where the number of attempts to log in may be too limited.

@andrew_koala2974 4 роки тому

Please give a definition of BAD.

@sounsure9108 3 роки тому

I feel like if you work for Apple or google you should be able to reset your password without help of a tech guy.

@peberdah Рік тому

I use a bookmarklet to compound a site url in the hash section ciphered user pass pair under a PIN number. If there is no hash section, it collect fields user and pass value, ask for a pin generating a LOGINURL in address bar that you can bookmark or copy. If bookmark contain a hash section you are prompted for a PIN, user pass are decyphered, to fill respective fields and SUBMIT triggered. Most of browsers know how to sync bookmarks between themselves, so you don't need to store bookmarks on Cloud or USB key. The process run within login page, nothing is typed on the keyboard, process stay in vacuum.

@SaladFingers_ 4 роки тому

What everyone fails to mention is that it depends on the system the password is checked against. Sure, and 8-digit password would be cracked in seconds in a fantasy scenario, but how would one know? If it takes a thousand attempts, how are you going to brute force said login prompt? Applications that respect themselves will quickly boot anyone that constantly tries wrong passwords. Brute forcing just doesn't work in modern websites.

@timmyrivadavia3374 4 роки тому

cute profile pic