![]() ![]() Technical readers can follow the full thread on Hacker News, but the brief explanation is that the passwords are simply being obfuscated (meaning, hidden) using a single encryption key which is the same for everybody, according to Bevand’s tests seen here. In Pandora’s case, not only are passwords being stored locally, they’re not properly encrypted. It’s also only possible in modern web browsers which support HTML5 (like the current versions of Chrome, IE and Safari now do). In fact, it’s not very common to save passwords in local storage at all. That being said, it is generally not considered a best practice to store a website’s password on a user’s computer, and if a website is going to do so, then the password should at least be properly encrypted. This is not something that users should immediately freak out about, but it may be worthwhile to change your Pandora password if you access Pandora’s website on a shared computer or at an Internet cafe, especially if that password is one you use across the web for other sites of a more personal and private nature. ![]() It was soon after picked up by Hacker News.Ī developer, Marc Bevand, then demonstrated how easy it would be steal a user’s Pandora password off their computer using a simple hack he created in response to the information. While that’s a step up from the earlier, more concerning situation, it’s still a risk.ĭetails of the issue were first posted to Google+ by Amber Yust, a software engineer at Google. However, it appears that the passwords aren’t being stored in cleartext, but are encrypted using a single static encryption key which is the same for all users. Specifically, those passwords are being stored in the HTML5 local storage area for the website. Initially, word was that Pandora was storing cleartext passwords (meaning unencrypted) directly on users’ hard drives, which would have been a major concern. It’s not a password leak or an attack, however, but there’s concern that passwords aren’t being well secured on users’ computers. Now, you have updated your password to one that is strong and unique but where will store it and manage it along with any other passwords you have? The solution to this – Passwarden! This is a safe and secure way to manage all your passwords of all your accounts across multiple devices.There are reports circulating related to the security of users’ Pandora passwords. These should be individual and unique for every account you have online, this way you are not at risk of having all your accounts compromised at the same time. Using a unique password for each account and website.This is usually the standard on most websites and applications, so stick to this length or longer. If a hacker has access to this sort of information about you, they can easily figure out your password. Information, such as your maiden surname or childhood pet’s name, should be avoided too. People often use dictionary words, such as elephant or watermelon for example, because they are easy to remember. Real dictionary words are easy to remember ( good for you) but also easy to guess ( good for a hacker!). Here are some tips on how to create a strong password: Now, updating a password may seem easy, but there is actually a little bit of a challenge to it - creating one that is strong and secure. This means the hacker now has access to all your data on your account, and can enter any other account you have online with the same password. If your password has been leaked in a breach, hackers have easy access to your Pandora account. A Password breach, in particular, is when passwords are leaked during a breach. This happens when data, from a particular website or application, has been leaked externally. With all these striking features, a cybercriminal might try to enter into your account, either to use the application without having to pay the subscription or to sell your data to a third-party marketing company!ĭue to growing use of the internet, a data breach has become increasingly common. The app has a great feature in that tailor designs stations for your individualized taste. It also has a wide range of podcasts available for you to listen to at any time on your Android or Apple device. Pandora is a popular, subscription-based, music streaming platform, which can be used to listen to music from all your favorite artists, bands and albums. ![]()
0 Comments
Leave a Reply. |