Let me make this as simple as possible for you — everyone should be using a password manager. What is a password manager? It’s an app, or, more commonly these days, a combination of online service and app, that safely and securely stores your passwords, and also makes them available on all your devices.For some people, this might be the one built into the browser or operating system, or a separate standalone app (and for some, it’s a physical notebook, which I don’t approve of, but think is far better than nothing).For me, a good password manager is one that you can install on all your devices, so you get access to your passwords no matter what device you are using. This not only makes accessing your passwords easy, but also means that you’re less likely to break the two Prime Directives of passwords — using weak passwords or reusing passwords.There are many password management apps and services out there but one of the biggest names in the field is 1Password.What is it that sets 1Password apart from the rest?

LikeEasy to usePacked with great featuresEmergency Kit helps prevent account lockouts

Don’t LikeNo free plan

There are a few features that I really like about 1Password. Security breach alerts — These let you know if your passwords have been leaked in the wild.Phishing protection — This protects you against websites that might try to steal your passwords. 1Password will only pass password details to browsers that have been signed by an identified developer — this means that hackers can’t use use a modified browser to steal your data.Emergency Kit account recovery feature — This prevents you getting locked out of your account.App and U2F key-based multi-factor authentication — An added layer of protection to prevent unauthorised access.Clipboard clearing feature — This prevents leaking your password from the clipboard data.Keylogger protection — This prevents hackers from using a keylogger to grab your data.User consent required to pass password data to the browser — This leaves you in complete control.Built-in digital wallet — Securely stores your bank card detail or ID cards.1 GB document storage — A safe and secure way to store all your important documents.As far as the apps are concerned, 1Password works across a whole range of platforms — Mac, iOS, Windows, Android, Linux, and Chrome OS, and there’s also an extension for the Google Chrome browser.I’ve tested the apps on offer across most platforms (all except Chrome OS and Linux), and it’s a very smooth, easy to use, yet secure experience. The experience differs a bit from platform to platform, but I found it to be a good experience all round, and it syncs between all devices effortlessly.One of my favorite 1Password features is the Emergency Kit. This is a PDF that contains your account email, your Secret Key, and a place for you to write down your master password. You can save this digitally, or choose to print it out and store it somewhere safe, but either way, it offers peace of mind in case you lose some valuable bit of data and can’t gain access to your passwords.All in all, it’s hard to fault 1Password. It works. It’s easy to put passwords in, it’s easy to get them out, and everything is stored securely using AES 256-bit encryption. There’s also the ability to protect access to your account using both app and U2F key-based multi-factor authentication, something that I consider to be an absolute must these days.As for pricing, 1Password has something to suit almost all budgets (except totally free, the best offer is a 14-day trial). An individual plan starts at $2.99 a month, with a 5-license family plan costing $4.99 a month. On the business side, a single license starts at $7.99 a month, with a 10-license teams starter pack costing $19.95. Note that business plans come with additional features such as 5GB of document storage space, usage reports, VIP support, and more.Apart from wishing it offered a free limited plan for those who don’t have the means to pay, this service is pretty close to perfect. I like the broad range of additional services that are offered beyond password management, the core password management experience is solid, and the apps to use on the various platform are well made, reliable, and easy to use.

ZDNet Recommends More

Following Russia’s invasion, Ukraine had asked the Internet Corporation for Assigned Names and Numbers (ICANN) to revoke Russia’s top-level domains (TLD), such as .ru, .рф, and .su be revoked along with the nation’s associated Secure Sockets Layer (SSL) certificates. The request came from  Andrii Nabok, ICANN’s Ukrainian representative, and Mykhailo Fedorov, Ukraine’s vice prime minister and minister of digital transformation.Now, ICANN has replied: No.The letter from Göran Marby, ICANN’s CEO and president, tried to soften the blow, “ICANN stands ready to continue to support Ukrainian and global Internet security, stability, and resiliency.” But, a no is a no.Fedorov had also asked that RIPE NCC, the regional Internet registry for Europe, the Middle East, and parts of Central Asia, withdraw Russia and its Local Internet Registries (LIR) rights to use their assigned IPv4 and IPv6 addresses and to block their DNS root servers.  RIPE had turned down this request earlier. The RIPE NCC Executive Board stated that “the means to communicate should not be affected by domestic political disputes, international conflicts or war. This includes the provision of correctly registered Internet numbering resources.”These moves come as no surprise. Earlier, people with both internet organizations and related groups had made it clear they didn’t want to ask. Andrew Sullivan, president and CEO of the Internet Society, warned that if ICANN has granted Ukraine’s request it might cause “‘Splinternet’ – the splintering of the Internet along geographical, political, commercial, and/or technological boundaries.” This fragmenting would have massive negative effects, while also setting dangerous precedents. Sullivan said: “The calls to cut Russia off from the Internet are a slippery slope, as the ‘Splinternet’ is the antithesis of how the Internet was designed and meant to function. We must resist these calls, no matter how tempting they may be.”Marby agreed: “Within our mission, we maintain neutrality and act in support of the global Internet. Our mission does not extend to taking punitive actions, issuing sanctions, or restricting access against segments of the Internet – regardless of the provocations.”While the internet’s official governors are staying out of the war, unofficial groups such as Anonymous have taken up their cyber arms against Russia. Anonymous has claimed to have taken down various websites, including Russian oil power Gazprom; Russian state news agency RT; and Russian and Belarusian government agencies, including the Kremlin.Numerous companies have also joined the right against Russia. For example, Microsoft President Brad Smith announced that the Windows giant would help Ukraine against Russian cyber attacks. Smith wrote that while “We are a company and not a government or a country,” Microsoft would protect Ukraine from cyberattacks.This is not a 20th-century war. No matter where you are in the world, you’re only an internet connection away from the cyber-frontlines. 

Ukraine Crisis More

Google/ZDNETIf you find your personal information online, like your phone number, address, or email, Google is making it easier to make sure it doesn’t show up again.Also: Google Lens adds a cool search trick to iPhones – how to try itSeveral years ago, Google introduced a “Results about you” tool that lets you track your personal information online and remove it from search results. It wasn’t exactly easy to find this tool, though, because you had to dig deep into the settings menu to see it. Also: The best secure browsers for privacyNow, you can request removal straight from Google Search. Here’s how to do it.How to remove your information from Google SearchWhen you see a result with your personal information, click the three dots next to it, and you’ll see a menu with information about the link, including a “Remove result” button. Choose that, and you’ll see different options for why you want it removed. At the top is “It shows my personal information and I don’t want it here.” Choosing that option sends the page to Google for review. If Google decides it violates policy, it will be removed from search. The original site will still be there, but most online directory sites have options to request the removal of your information. That’s something you’ll want to take advantage of, as information like this is increasingly being used in scams.Also: 9 ways to delete yourself from the internet (and hide your identity online)The three-dot menu also has options to remove illegal content like phishing, violence, or explicit content and to refresh outdated search results (that’s for when you’ve requested information removal and Google is still indexing an old page). More

Twitter has started notifying users today about a dangerous security issue that can allow malicious Android apps running on users’ devices to access private Twitter data, including users’ direct messages (DMs).
According to a support document published today, Twitter said the bug existed because of an underlying vulnerability in the Android operating system itself.
Twitter didn’t specifically identify the Android OS bug, for safety reasons, but said the issue had been fixed since October 2018.
According to Twitter, the Android OS bug only impacted users of Android 8 (Oreo) and Android 9 (Pie), but not those on Android 10.
“Our understanding is 96% of people using Twitter for Android already have an Android security patch installed that protects them from this vulnerability,” Twitter said today.
“For the other 4%, this vulnerability could allow an attacker, through a malicious app installed on your device, to access private Twitter data on your device (like Direct Messages) by working around Android system permissions that protect against this.”
The company social network is now notifying users of the bug and urging them to update the “Twitter for Android” app if they’re using Android 8 or Android 9, where the issue can still be exploited.
The following message is currently being shown to users who are currently using an unpatched Android OS version or have used a vulnerable Android OS version in the past.

Image: ZDNet
Twitter didn’t say how it found out about the issue but said that it hadn’t found any evidence the bug had been exploited in the wild prior to today. However, the company said that it wasn’t “completely sure” about this latter assessment.
The issue didn’t impact users utilizing the company’s iOS app or web portal. More

Boris SV/Getty Images As more companies use generative artificial intelligence (AI) in their workflows, how they oversee training data is becoming increasingly important.  On Tuesday, data security provider BigID announced new capabilities geared towards Microsoft Copilot that tailor training data, strengthen AI security, and streamline compliance efforts. The features help organizations “scan for, classify, label, curate, […] More