Saturday, July 14, 2012

Yahoo says password vulnerability fixed

6 hrs.

Yahoo says it has fixed the vulnerability that allowed 450,000 user email addresses and passwords to be?stolen from its user-generated content service, Yahoo! Voices.

In a blog posting, Yahoo?said that the "compromised information was provided by writers who had joined Associated Content?prior to May 2010, when it was acquired by Yahoo!.? (Associated Content is now the Yahoo! Contributor Network.)? This compromised file was a standalone file that was not used to grant access to Yahoo! systems and services."

The vulnerability has been taken care of, Yahoo said; it's also put into place "additional security measures for affected Yahoo! users,?enhanced our underlying security controls?and are?in the process of notifying affected users.

"In addition, we will continue to take significant measures to protect our users and their data."

Yahoo is advising users who joined Associated Content before May 2010 using their Yahoo email address to log into their Yahoo account, where they may be prompted to answer a series of authentication questions to change and validate their credentials.

Earlier in the week, the company confirmed?that an "older file from Yahoo! Contributor Network (previously Associated Content) containing approximately 400,000 Yahoo! and other company users names and passwords" were stolen July 11.

Security company ESET?broke down the Yahoo! Voices data?and found that the most common password was "123456," followed by "password" and "welcome," according to SecurityNewsDaily, which said the most common password length was eight characters, and fully one-third of the passwords contained only lower-case letters.

"Yahoo! Voices' administrators made a big mistake storing the passwords in plaintext, but all users need to bolster their own security as well. Make passwords harder to guess by making them more than eight characters long, and pepper them with upper-case letters, numbers and punctuation marks."

Msnbc.com's?Devin Coldewey also provides some guidance on password help here.

? Hat tip to eWeek

Check out Technolog, Gadgetbox, Digital Life and In-Game on?Facebook,?and on?Twitter, follow Suzanne Choney.

Source: http://www.technolog.msnbc.msn.com/technology/technolog/yahoo-voices-password-vulnerability-fixed-company-says-883165

lee corso lee corso thanksgiving appetizers greg jennings thanksgiving recipes thanksgiving recipes mashed potato recipe

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.