Update, March 28, 2025: This story, originally published March 25, has been updated with new research into the effectiveness of passkeys as a more secure replacement for passwords, the further availability of Google’s hardware passkey and news from Microsoft impacting a billion password users as it makes the change to passwordless authentication to stop insecure password use.
Don’t say you weren’t warned. The threat from infostealer malware has been made pretty clear as billions of passwords are reported compromised, 85 million of the newest being used in ongoing attacks, and even two-factor authentication in isolation might not be enough to save you as hackers use session cookies to bypass 2FA code protections. That threat has just been amplified by a report revealing how an automatic hacking machine called Atlantis AIO is using millions of stolen passwords to gain access to email, VPN, streaming services and even food delivery accounts. The takeaway, if you’ll pardon the pun, is to stop using your passwords now.
More Info