What happened, and how to know and act if it has affected you or you receive password reset emails

We'll explain what happened and how to act in the face of the alleged leak of Instagram data. There is a lot of confusion, with two versions of why phishing emails are arriving that ask you to change your password in order to steal your account, and we are going to explain everything in a simple and understandable way.

Let's start with the explanation of these two versions so you can see what seems to have happened. Then we will give you solutions for both, first telling you how to act if you receive an email asking you to reset your password, and then how to know if the alleged leak has affected you.

What happened on Instagram

The alarms went off when a large number of users began to report on social networks that they were receiving suspicious emails encouraging them to reset their Instagram password. These emails provide a link with which to try to steal your account.

On the one hand, the cybersecurity company Malwarebytes says that a group of cybercriminals has information stolen from 17.5 million Instagram accounts. From each leaked account they claim to have obtained usernames, physical addresses, email addresses or phone numbers.

Instagram says no, that no one has hacked them, but admits that it has fixed a problem that allowed third parties to request password reset emails for some users. They say that user data was not stolen; these emails were simply sent using this vulnerability.

There are two important questions here. First of all, if you receive these emails, someone may be trying to steal your account, and you must pay attention to avoid falling into the trap. Phishing campaigns are recurring, but if the problem was only what Instagram says, the number of these emails should start to fall now.

The danger is if Instagram is trying to hide that Malwarebytes is right. In that case, the first danger is that you may continue to receive attempts to steal your account, something that is always dangerous. But the most serious thing is that physical addresses are said to have been included in the leak, and that the data is being sold on the black market, something that can be dangerous for well-known people.

What to do if you receive one of the emails

If you have received one of these emails telling you that Instagram has received a request to reset your password and that you should click on the link to proceed, you should always ignore the message. Never click on any link that reaches you in this type of email.

If you want to change your Instagram password just in case, go to your account settings in the application or website of this social network. Once inside, click on the Account Center section to enter the page where you manage all your accounts for Meta services. There, choose your Instagram account, although you will normally arrive with it already selected. Then click on Password and security in the Account Setup section.

Once you are inside Password and security, click on the Change password option, which appears first, and follow the steps requested. You should try to change the password only from here.

How to know if the leak has affected you

If you want to clear up your doubts and know whether you are involved in the alleged leak, the best thing is to go to the website haveibeenpwned.com, where all leaks are always collected. Using it is easy: you just have to enter the email you use for your Instagram account.

When you do, the page will tell you if your email has appeared in a leak, and you can see if Instagram is among them. It is possible that your email has been included in one or more leaks, although it does not have to have been the one from Instagram.

If you appear in the leak, what I always recommend is to change your password with the steps we have described above. The same goes for any other leak that appears: it is best to always change the password on the official website or app of that service.

Everything was fine until he forgot the password

Forgetting a password is a fairly common mistake that normally does not have major consequences, but there are cases in which things are more serious. Today we learned the story of a man who has forgotten the password for a chip he has implanted in his hand. And there is no way to get it back.

What has happened? Futurism tells the story. The protagonist is called Zi Teng Wang, and a few years ago he thought that implanting an RFID chip would be fun for his magic shows. As he recounts on his Facebook page, after trying several uses that did not convince him much, he programmed the chip so that a meme would appear when it was scanned with a cell phone. One day, the link where he had hosted the image stopped working, and when he went to change it he realized that he had forgotten the password for the chip, so now he has a chip in his hand that redirects to a broken page.

A solution. It is not possible to use the classic “I forgot my password”, so Zi Teng Wang consulted technologically savvy friends, who told him that the only option to regain access is to hack the chip: simply use an RFID reader and try all possible combinations. The problem is that he has it in his hand, so he would have to strap the reader to his hand or remove the chip. In the end he decided to let it be and is glad that the link to the meme worked again.

Biohacking. In 2016, implanting RFID or NFC chips in the body was very fashionable. RFID technology is the same as that used in the chips implanted in dogs and cats, while NFC is what we usually use to transfer data between mobile phones or to pay. These chips do not have a battery; they work passively, “responding” with an identification when a reader approaches. Years ago there were people who did it to be able to open doors or unlock their computer simply by reaching out, and also to pass on their contact information.

Currently, the original biohacking has been eclipsed by more ambitious proposals that aim at extreme longevity, with figures like Bryan Johnson, and by more advanced technologies such as the brain chips proposed by companies like Neuralink.

Epic forgetfulness. Being left with a useless chip in your body is a nuisance, but it is even funny when compared with other cases of forgotten passwords. In 2021 we learned the story of a German engineer who lost the password to his bitcoin wallet, whose value amounted to 256 million euros. And he has not been the only one: it is estimated that at least 3.7 million bitcoin have been lost for the same reason.

This company was 158 years old and had 700 employees. A weak password and a click were enough to take it to bankruptcy

Imagine that you are working in a logistics company, one of those responsible for managing the entire process by which a product gets from one point to another, such as the ones that bring us Amazon orders when we make a purchase, and that from one moment to the next all the systems needed to run the business stop working due to a cyber attack. What would happen? If the systems did not return to normal, it would probably be a matter of time before the company paid the consequences.

Of course, such a scenario should be avoided with cybersecurity measures, protocols, backups and so on. But, let's be honest, not everyone is as prepared as they should be to face security threats, even when those threats have the ability to severely damage or destroy their business. This is what has apparently happened to a British business group called KNP, which operated 500 trucks under several companies, including one called Knights of Old.

When cybersecurity fails, the business can sink

The KNP CEO, Paul Abbott, said in an interview with the BBC that it is believed that a group of cybercriminals managed to infiltrate the systems by guessing the password of one of its employees. What the group of malicious actors, apparently called Akira, did was lock the data with ransomware. “If you are reading this, it means that your company’s internal infrastructure is totally or partially dead …”, said part of the ransom note, which, curiously, did not include a specific ransom figure.

While the latter may seem unusual, it is also somewhat understandable. Some groups of cybercriminals even have their own support mechanisms, where they can talk and negotiate with their victims. Recall that the final objective is usually to earn money, so we would rarely see a ransom figure so high that the victim cannot meet it, but it will be high enough for the operation to bring some gain.

It has not emerged how much money the cybercriminals requested, but it is known that, according to the company, they did not have the money to make the ransom payment. The aforementioned British outlet cites an analysis by specialists that points to 5 million pounds (about 5.7 million euros). That amount, they point out, was unaffordable for the company. It is not clear whether the firm continued to negotiate with the group, but they explain that by the end of 2023 the data “were lost” and the company soon declared bankruptcy.

Most employees were dismissed (about 730) and only 170, from one of the companies, called Nelson Distribution, based in Derby, kept their jobs, but this company was sold. This was the sad outcome for a firm more than 150 years old.

It is likely that after reading this many questions will come to mind, for example about the preventive and mitigation measures we talked about at the beginning. According to those responsible, KNP complied with industry standards and had insurance against cyber attacks. Apparently none of this was enough. Nor do we know whether the company was already dragging some kind of previous problem and the cyber attack simply complicated everything.

It is not a unique case. Qualysec warns that 60% of small businesses that suffer a cyber attack end up closing within the following six months for lack of sufficient resources to recover. A Verizon report from 2020 already underlined that same figure, highlighting the financial damage, the loss of reputation, the distrust of clients and the operational chaos that an attack leaves behind.

McDonald’s used an AI chatbot to recruit new employees. Someone thought ‘123456’ was a safe password

No one disputes that AI will change the labor market; to begin with, it is already very present in personnel recruitment processes. McDonald’s franchisees in the US use an AI-based recruitment chatbot that collects and manages the data of the millions of new candidates who want to work in one of the hamburger chain's restaurants. However, as Wired reports, whoever configured it forgot something as basic as changing the original password of the administrator of the entire platform.

The selection chatbot. McDonald’s uses a platform called Mchire, developed by Paradox.AI, to manage the personnel selection process through a chatbot known as Olivia. When a candidate shows interest in a job offer, the chatbot comes into play, asks candidates for personal data and shift preferences, and directs them to take a personality test to process their application. The artificial intelligence was intended to handle this without human intervention.

However, as recounted by Ian Carroll and Sam Curry, the researchers who unintentionally discovered the flaw, there were two things that caught their attention. The first was a Reddit thread claiming that the McDonald’s hiring AI was producing some funny failures, driving candidates who tried to submit their job application crazy.

The second thing that led them to investigate the McDonald’s hiring chatbot a little more was that it seemed very strange that it replaced résumés with a personality test. “It seemed quite dystopic compared to a normal hiring process, right? And that was what encouraged me to investigate it more thoroughly,” Carroll said.

The security failure: “123456”. Researchers Ian Carroll and Sam Curry have a great deal of experience in cybersecurity, so no one is surprised that they managed to breach the security of a platform. However, as they report in their blog, they did not need any of their great technical knowledge to take control of the platform as administrators.

They simply accessed the Mchire portal, which is the platform behind the employee hiring chatbot for the McDonald’s franchises, and used “123456” in the username and password fields. “That allowed us, and any other person, to access any inbox and recover the personal data of more than 64 million applicants,” said the cybersecurity experts.

This access not only allowed them to see the candidates' data, but also to intervene in ongoing conversations and selection processes. “It turned out that we had become administrators of a test restaurant within the Mchire system. We could see that all restaurant employees were simply employees of Paradox.AI, the company behind Mchire.”

The data were not exposed. After confirming that it was a real security vulnerability, the researchers immediately contacted Paradox.AI, which published a statement explaining that “only a small part of the records accessed by the researchers contained personal information” and that “the account ‘123456’ that exposed this data had not been accessed by anyone but the researchers.” In addition, it explained that the compromised credential was a trial account that “had not been used since 2019 and, frankly, should have been deactivated.”

McDonald’s held its supplier responsible, stating that “we are disappointed by this unacceptable vulnerability of an external supplier, Paradox.AI. As soon as we knew the problem, we ordered Paradox.

Without surveillance. The work context makes the data especially attractive for cybercriminals, which shows the importance of providing additional security layers to AI-based chatbots that manage such sensitive data. “If someone had exploited this, the phishing risk would have been really huge. It is not just identifiable personal information and résumés. It is that information from people looking for work at McDonald’s, people who are anxiously waiting for email responses,” the researchers said.

My passwords are random characters and I have a hard time remembering them. Unless you use one of these password managers

Do you have the same password for all your accounts or do you use a different one for each? The truth is that the second is the best we can do in case some website has a vulnerability, but that can leave us with a problem: remembering all the passwords. In fact, it has happened to me, so it can be very useful to have a good password manager.

But... what is a password manager?

A password manager is an independent program that is responsible for safely storing the passwords we choose. This way, once we register a password, it is saved and lets us log in to the account without typing the password again. There are free services, but also paid ones that offer a greater number of functions and, of course, better advantages. In this article we will talk about some of the best password managers, with their prices and differences.

Proton Pass

If we are going to choose a password manager, better to do it with a discount, right? Proton Pass not only offers different monthly plans, each with its own particularities, but also right now has a discount on all its subscription plans:

Pass Plus monthly for 4.99 euros a month instead of 4.99 euros.
Annual Proton Plus for 2.99 euros a month instead of 12.99 euros.
Pass Family for 4.99 euros per month instead of 6.99 euros.

* Some prices may have changed since the last review

All of them have some similar tools, such as cloud storage, end-to-end encryption, the possibility of saving passwords, or email encryption, calendar, cloud storage and VPN service. Here are some of the differences between the subscription plans:

Tools, Pass Plus monthly and Annual Pass Plus: unlimited Hide-My-Email aliases, integrated 2FA authenticator, safe link exchange, unlimited credit cards, Dark Web monitoring, advanced account protection, your personalized domain for aliases, additional mailboxes for aliases.
Tools, Pass Family: unlimited Hide-My-Email aliases, integrated 2FA authenticator, safe link exchange, unlimited credit cards, Dark Web monitoring, advanced account protection, your personalized domain for aliases, additional mailboxes for aliases, 6 Pass Plus accounts, administrator panel for your family.
Price, Pass Plus monthly: 4.99 euros / month.
Price, Annual Pass Plus: 2.99 euros / month.
Price, Pass Family: 4.99 euros / month.

Obviously, Proton Family covers a greater number of users. Yes, it is more expensive, but it can be interesting if what we are looking for is to use the service on different devices. Pass Plus monthly can be interesting to try out the annual Plus tools, and the annual plan has the best value for money, with the monthly cost at half that of Pass Plus monthly.

PureVPN

PureVPN, as its name indicates, is mainly a service that offers a VPN tool, although it also has many other security-related tools, such as the password manager. Taking into account that the standard service does not include the password manager, we have two options:

PureVPN Plus for $2.96 per month (2.52 euros at the exchange rate), with VPN service and password manager.
PureVPN Max for $3.33 per month (2.83 euros at the exchange rate), with VPN service, password manager, Dark Web monitoring, unlimited eSIM data and data eliminator.

* Some prices may have changed since the last review

Bitwarden

Another option that can be interesting is Bitwarden, a password manager that, although it does have a free tier, has two subscription tiers with more tools. Of course, it is more focused on companies than individuals, although that does not mean it cannot be useful. The biggest difference between Bitwarden Teams and Bitwarden Enterprise, in addition to the price, is that Enterprise offers a family plan and recovery administrator.

Bitwarden Teams for 4 dollars a month (3.40 euros at the exchange rate).
Bitwarden Enterprise for $6 per month (5.10 euros at the exchange rate).

* Some prices may have changed since the last review

Dashlane

Finally, Dashlane is another service that, despite being more expensive, also offers a good assortment of tools. It is mainly a password manager service, but depending on the subscription we choose we can have more or fewer functions, although in this case they are more focused on companies:

Password administrator for 8 euros per month (with annual billing). It includes access protection for employees with unlimited passwords and optimization of security controls.
Omnix for 11 euros per month (with annual billing). It includes password administrator, intelligent alerts and additional protection against phishing.

* Some prices may have changed since the last review

Some of the links in this article are affiliate links and may bring a benefit to Xataka. In case of non-availability, offers may vary.

When the password manager disappears, how to export yours and alternatives

Microsoft Authenticator will stop saving your passwords, and it will not autofill them either, and we are going to tell you everything you need to know to face this change. This means that the application will be useless, and that it will only serve for TOTP tasks, that is, managing and letting you use temporary single-use passwords.

We are going to start this article by telling you exactly what will happen, and the key dates in the dismantling of this application. Then we will briefly tell you how you can export your passwords, and we will end with a reminder of the main alternatives.

What is happening with Microsoft Authenticator

Microsoft is going to make changes in Authenticator, specifically in its tool for autofilling passwords. Authenticator will cease to be a password manager, and this means that you will no longer be able to save your passwords in this application, and you will also no longer be able to autofill them on web pages. In addition, later you will also lose access to your passwords from this application.

Passwords will remain in your Microsoft account, but you can only access them from the Edge browser. In other words, if you do not use this browser, you can no longer use this service.

If you have been using this manager in recent years, you will lose access to your passwords. But what is worse, passwords will disappear from Authenticator in summer, so it is best to export them to use them in another application.

Authenticator will also delete payment data that you had saved in the app, such as debit cards or bank accounts. The only thing that will remain are access keys or passkeys, although no autofilled passwords. To continue using autofill and access your passwords, you will have to use the Edge browser.

When Authenticator will disappear

As we have told you, Authenticator will not, in principle, disappear as an app, although its password manager service will be dismantled. These are the key dates you need to take into account:

From June 2025, you can no longer save new passwords in Authenticator.
During July 2025, you will not be able to use the autofill function with Authenticator.
From August 2025, your passwords saved in Authenticator can no longer be accessed.

How to export your passwords

Exporting your passwords from the Authenticator app is quite simple. All you have to do is enter the app settings. To do this, open the side menu and click on Configuration. Then scroll all the way down and click on the Export of passwords option. This will create a CSV file with all of them and allow you to send it or save it on your mobile. This is the file that you will then have to use to import them into another application.

Main alternatives to Authenticator

In Xataka Basics you already have a list of the best password managers available. However, we are going to remind you of them so that, if you were using Authenticator, you know the most popular options to replace it.

Google password manager: This is the natural option if you are looking for a good free manager, Google's own, which is integrated in Android and Chrome. You have all the essential options without having to pay anything. Link: passwords.google.com.
Apple passwords: Apple’s own password manager for its devices, which has an independent application.
1Password: A professional, paid password manager, a little expensive compared to others but with many options and an excellent design. Link: 1Password.com.
Bitwarden: One of the best password managers on the market, which is not excessively expensive and has all the options. It stands out for being open source and for letting you host it on your own server. Link: Bitwarden.com.
Dashlane: Another of the most popular managers, with a free version for a single device and paid versions. Link: dashlane.com.
NordPass: The password manager from the creators of NordVPN, which focuses on offering the essentials. It also has a free version for a single device. Link: NordPass.com.

There is a person who knows more than anyone in the world about password theft. And his have just been stolen

Troy Hunt has been warning us for years about the dangers of passwords. It happened so often that he ended up turning those warnings into a project that has become a reference: Have I Been Pwned. And despite everything he knows, he has just fallen victim to a theft of credentials through the most common method of all: a phishing email.

It can happen to anyone. Hunt described in his blog how he fell into a very well-crafted trap: a phishing email that pretended to come from Mailchimp, the platform he uses to distribute his newsletter. The notice informed him that a spam complaint had been received and that his sending privileges in the service would be restricted. To solve it, of course, he could click on a button with a link.

Why did that phishing work? As this expert explained, “I have received a ton of similar messages that I have always identified quickly”, but there was a critical factor that played against him: the moment at which he received and read it. Hunt was jet-lagged and very tired when he received the message, and did not think enough about the fact that something was not right.

Hard-to-spot signs. After clicking on the link, Hunt also noticed that his password manager did not autofill the details of his account (usually username and password). This could have been a sign that the domain requesting those credentials was suspicious, but he himself pointed out that many platforms register you on one domain (which the password manager stores) and then authenticate you on another.

Theft of his subscribers. The phishing attack allowed the attackers to steal 16,000 records belonging to people who had subscribed, but also to people who had already unsubscribed from his newsletter. Mailchimp keeps those records for some reason. The data includes email addresses, IP addresses and latitude and longitude, although these do not point to the subscriber's location.

He has also been “pwned”. The creator of the Have I Been Pwned site ended up adding the theft of his data to the database he uses on this platform, as was only proper. As he pointed out in his blog, not doing so “would have been a hypocrisy.” He also had the good sense to tell what had happened to him right away.

If a message is super urgent, be suspicious. Phishing attacks almost always rely on an urgent tone or message. If you don’t act, they try to tell you, something bad can happen to you. That is precisely why, with these messages, you should try to keep a cool, clear head and not act instinctively or immediately. It is probably the great lesson that can be taken from this event.

Passkeys help. Traditional passwords remain exposed to phishing attacks, but there is a method that helps us avoid that threat in particular: passkeys, or access keys, which make use of secure biometrics. Their implementation is, admittedly, quite fragmented, but if we place our trust in a passkey provider (such as Google or Apple, for example) they are undoubtedly an important element for adding a notable layer of security, as two-step authentication (2FA) has been so far.
