{"id":169537,"date":"2025-12-05T12:49:10","date_gmt":"2025-12-05T12:49:10","guid":{"rendered":"https:\/\/www.newsbeep.com\/il\/169537\/"},"modified":"2025-12-05T12:49:10","modified_gmt":"2025-12-05T12:49:10","slug":"feds-warn-iphone-and-android-users-change-apple-google-and-microsoft-passwords","status":"publish","type":"post","link":"https:\/\/www.newsbeep.com\/il\/169537\/","title":{"rendered":"Feds Warn iPhone And Android Users\u2014Change Apple, Google And Microsoft Passwords"},"content":{"rendered":"

\"CISA<\/p>\n

Make these password changes now.<\/p>\n

SOPA Images\/LightRocket via Getty Images<\/p>\n

Passwords are dangerous \u2014 they\u2019re stolen, leaked and breached. Warnings are issued weekly, confusing users who have an average of 168 passwords<\/a> each. And so it\u2019s no surprise the government has now stepped in, telling users to make changes now.<\/p>\n

Passwords have never been more at risk. That\u2019s why Google warns hackers are gaining access to accounts<\/a> and Microsoft tells users to delete passwords<\/a> altogether. With multi-factor authentication (MFA) also under attack<\/a>, account security needs to change. <\/p>\n

But where do you start?<\/p>\n

ForbesMicrosoft Teams Starts Telling Your Boss Where You Are\u2014Now Just 8 Weeks AwayBy Zak Doffman<\/a><\/p>\n

Fortunately, America\u2019s cyber defense agency has just given you the answer. As well as warning iPhone and Android users only to use encrypted messaging platforms, not to use VPNs and to change app permissions, CISA<\/a> also has password advice<\/a>.<\/p>\n

Users should \u201cenroll each account in FIDO-based authentication,\u201d the federal agency says. That means changing to \u201cpasswordless.\u201d As for where to start, CISA says make changes \u201cespecially (to your) Microsoft, Apple, and Google accounts.\u201d<\/p>\n

That\u2019s because these are gateway accounts. Not only does their single sign-on (SSO) open multiple in-house platforms, they can also be used to sign into third-party accounts. And because these are the dominant email and operating system platforms, the treasure trove of sensitive personal data they unlock is invaluable.<\/p>\n

For almost all users, going passwordless means changing passwords for passkeys. This combines your password and MFA into a single token that is stored on your personal device and secured by your authenticated access to that device.<\/p>\n

Just adding passkeys is not enough, though. You must also \u201cdisable other, less secure forms of MFA,\u201d CISA says. And at the same time, you should review all your passwords if they can\u2019t be deleted, and so remain a form of account access. That\u2019s where the value in a third-party password manager comes in.<\/p>\n

ForbesWarning Issued For Amazon Prime Customers\u2014New Attack Has StartedBy Zak Doffman<\/a><\/p>\n

\u201cReview existing passwords to ensure they are long, unique, and random,\u201d CISA says. \u201cIf they are not, change to passwords generated by the password manager.\u201d Most users. likely can\u2019t remember when they last changed their Apple, Google or Microsoft passwords. many of those passwords will also be reused. CISA\u2019s warning is timely. <\/p>\n

CISA also tells users to \u201cdisable SMS for each account. Enrollment in authenticator-based MFA does not automatically unenroll the account\u2019s SMS. This can create a weak fallback mechanism that can be exploited by threat actors.”<\/p>\n

A password manager will handle creating, changing and storing passwords, passkeys and MFA codes. Do not use browser-based password managers, not even Chrome\u2019s. And ensure you only use a blue chip platform from a flagship provider.<\/p>\n","protected":false},"excerpt":{"rendered":"Make these password changes now. SOPA Images\/LightRocket via Getty Images Passwords are dangerous \u2014 they\u2019re stolen, leaked and…\n","protected":false},"author":2,"featured_media":169538,"comment_status":"","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[100582,100579,100578,100580,95578,100583,85,46,100581,100584,125],"class_list":{"0":"post-169537","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-technology","8":"tag-apple-password","9":"tag-fbi-delete-texts","10":"tag-fbi-do-not-text","11":"tag-fbi-password","12":"tag-fbi-stop-texting","13":"tag-google-password","14":"tag-il","15":"tag-israel","16":"tag-microsoft-password","17":"tag-password-hacker","18":"tag-technology"},"_links":{"self":[{"href":"https:\/\/www.newsbeep.com\/il\/wp-json\/wp\/v2\/posts\/169537","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.newsbeep.com\/il\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.newsbeep.com\/il\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/il\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/il\/wp-json\/wp\/v2\/comments?post=169537"}],"version-history":[{"count":0,"href":"https:\/\/www.newsbeep.com\/il\/wp-json\/wp\/v2\/posts\/169537\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.newsbeep.com\/il\/wp-json\/wp\/v2\/media\/169538"}],"wp:attachment":[{"href":"https:\/\/www.newsbeep.com\/il\/wp-json\/wp\/v2\/media?parent=169537"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.newsbeep.com\/il\/wp-json\/wp\/v2\/categories?post=169537"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.newsbeep.com\/il\/wp-json\/wp\/v2\/tags?post=169537"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}