Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

OneLogin: Breach Exposed Ability to Decrypt Data

Share and discuss recent and important events about malware, privacy, or security. User contributed news. Please do not copy and paste full news stories. Please do quote the essential paragraph of the story. Provide a link to the source.

OneLogin: Breach Exposed Ability to Decrypt Data

Unread postby TheQuestion » June 2nd, 2017, 11:45 am

OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data.


Source: https://krebsonsecurity.com/2017/06/one ... rypt-data/
User avatar
TheQuestion
Active Member
 
Posts: 2
Joined: June 1st, 2017, 3:11 pm
Advertisement
Register to Remove

Re: OneLogin: Breach Exposed Ability to Decrypt Data

Unread postby NonSuch » June 2nd, 2017, 3:33 pm

This is indeed a very nasty situation.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27771
Joined: February 23rd, 2005, 7:08 am
Location: California

Re: OneLogin: Breach Exposed Ability to Decrypt Data

Unread postby Gary R » June 2nd, 2017, 5:53 pm

No website is ever 100% secure, we hear reports of "secure" sites having their data compromised every day. So why anyone would use one to hold their login credentials for multiple sites and/or devices, is quite honestly beyond me.

Security I'm afraid is by necessity inconvenient, and in attempting to reduce that inconvenience, all that usually happens is that the security gets compromised.
User avatar
Gary R
Administrator
Administrator
 
Posts: 23257
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: OneLogin: Breach Exposed Ability to Decrypt Data

Unread postby TheQuestion » June 3rd, 2017, 6:46 am

Unfortunately the industry appears to be loosing the "Convenience vs Security" battle. Folks will inherently choose convenience, only sporadically shaken to action by stories such as these.

The question is, how do we effectively keep the the necessity of security in peoples minds while avoiding the associated progressive desensitization? :scratch:
User avatar
TheQuestion
Active Member
 
Posts: 2
Joined: June 1st, 2017, 3:11 pm

Re: OneLogin: Breach Exposed Ability to Decrypt Data

Unread postby NonSuch » June 3rd, 2017, 4:16 pm

It is unfortunate, but there is no way to protect a computer from its greatest threat... the end user. There will always be users who will choose a password such as "123456" or "password," or their last name or birthday. They are the same folks who, no matter how many times they've been warned not to do it, just can't bear to pass up a chance to click on a link that will take them to a free site where they can download a screensaver of dancing pigs or flying monkeys.

Point these people to a site that promises it will allow them to "safely and securely" store all their passwords in the mythical cloud universe and they will flock to it.
User avatar
NonSuch
Administrator
Administrator
 
Posts: 27771
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to Security News



Who is online

Users browsing this forum: No registered users and 1 guest

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware