Technology

• The Casio CRW-001-1JR is part smartwatch, part smart ring
• It looks as though it'll only be available in Japan
• The device celebrates 50 years of digital watches from Casio

Can't decide between one of the best smart rings and one of the best smartwatches? The new Casio CRW-001-1JR gives you both form factors in the same device – it's a smartwatch that fits around your finger rather than your wrist.

Getting hold of one might be an issue though, as it looks as though the Casio CRW-001-1JR will only be available in Casio's home country of Japan. The wearable has been priced at 19,800 yen, which is about $130 / £100 / AU$200.

The wearable has been launched to mark 50 years of Casio smartwatches, and it's more of a fashion accessory than an actual working smartwatch. You don't get any fitness-tracking features here, for example, or synced smartphone notification support.

However, the little gadget can tell you the time in two locations, and there's also a stopwatch function. You can set alarms for specific times on the device, and Casio has fitted in a small LED light as well.

One to watch

You can only get the Casio CRW-001-1JR in one size – the equivalent of US ring size 10.5 – but there are spacers included for a snugger fit on smaller fingers. Unlike the similar Timex T80, the strap isn't adjustable.

The ring/watch has been designed to pay homage to the classic Casio GMW-B5000 smartwatch, and it's made from stainless steel. There are even three functional buttons for controlling the features on the device.

Tipping the scales at 16 grams, this isn't as lightweight as something like the Samsung Galaxy Ring, which weighs a maximum of 3 grams. The smartwatch is "waterproof for daily use", and powered by a replaceable battery that should be good for two years of use.

It's something different at least – and perhaps the start of a whole new product category. The Casio CRW-001-1JR is going on sale at the start of December – though even if you do live in Japan, it seems stock is going to be limited.

You might also like

• Swapping an Apple Watch for a vintage Casio Chronograph
• The best cheap smartwatches you can buy
• Samsung's Galaxy Ring 2 could launch sooner than expected

• Apple is reportedly evaluating whether to make an Apple-branded TV
• It was rumored years ago, and it may be back
• People might pay a premium for privacy and long software support

Apple doesn't make TVs, but that may soon change. According to new report, Apple is seriously considering an Apple-branded TV set. And that might not be a bad idea, even in a very busy industry.

As you know, Apple isn't currently a TV manufacturer: it makes the excellent Apple TV 4K instead, bringing Apple's system and smarts to any television, as well as a widely available Apple TV Plus app.

Apple TVs have been rumored for a very long time, but it's a very low-margin business and if there's one thing Apple hates, its low profit margins. But there's something Apple likes, and that's profiting from other firms' mistakes. And the TV industry may have given it an opportunity to do just that.

Why an Apple TV could be a big hit

It's important to stress that the story, from Bloomberg, says that Apple is only "evaluating" whether to make a TV; that doesn't mean it will. But there are some good reasons why it might even though it didn't before, and why an Apple TV might not be another expensive-then-abandoned project like the Apple Car.

There's no doubt that Apple can make a TV. But the bigger question is why it should. And the answer could be: privacy.

As we reported last month, a severe new report has accused many streaming services of being a "Trojan Horse", a sinister surveillance system that's undermining not just privacy but consumer protection too. What used to be a simple transaction – you pay money, you get a TV, and you don't have any more contact with the maker unless there's a warranty claim – has become a swamp of services demanding your data by fair means and foul. This privacy-collecting smart TV tech is built into all of the best TVs today, and people are starting to take notice.

Apple has made privacy a big part of its pitch to us for quite a long time in its Macs, iPhones and services such as Apple Intelligence. And the same policy for a TV would be an important differentiator from many other firms.

There's a second issue too, which is software support. Apple sticks with its stuff for many years, so you'll get iPhone updates for longer than you will Android ones; the current Apple tvOS, tvOS 18, works with Apple TV devices going back to the Apple TV HD from 2015.

How many smart TVs from 2015 are still updating their apps? Again, people are starting to get frustrated that services may stop working on their TV. Samsung recently addressed this concern with a promise of seven years of updates to its TVs, while LG is promising five years. It's a problem that needs addressing, and Apple can easily promise it.

The downside, of course, is that an Apple TV wouldn't be cheap if the company is to keep its usual profit margins in a cut-throat market – and the company is said to be looking at OLED for the screen, and the best OLED TVs are never cheap.

But you could say exactly the same about the best iPhones, best iPads and best MacBooks. But as with those products, Apple may offer something different enough to its rivals to justify the more premium pricing.

You might also like

• Everything you need to know about Apple TV Plus
• What is the best streaming service?
• The best streaming deals for this month

• Swiss citizens warned about fake ‘Alertswiss app’
• Malicious app deploys a variant of the Coper trojan
• Keystrokes, 2FA codes and credentials are at risk

The Swiss National Cyber Security Centre (NCSC) is warning the public about a recent malware campaign targeting citizens via the country’s postal service.

Residents are reportedly receiving letters through the post from what they believe to be the Federal Office of Meteorology and Climatology, urging them to install a fraudulent weather app.

The letters include a QR code to facilitate with the download of the Android-based ‘Severe Weather Warning App,’ which masquerades as the nation’s Alertswiss app.

Swiss citizens targeted by QR code malware

Using QR codes to spread malware isn’t new, however attack vectors can vary widely. When accessing online content, users should always be cautious of telltale signs that suggest the content they’re accessing is not legitimate.

In this case, the malicious app is labelled ‘AlertSwiss,’ whereas the genuine app is labelled ‘Alertswiss.’ It also has a slightly different icon. Furthermore, the app is distributed via a third-party website, rather than Google’s own Play Store, which is another key red flag.

Upon installation, the app deploys a Coper trojan variant that logs keystrokes, intercepts two-factor authentication messages and steals banking credentials by targeting apps installed on the victim’s device. According to the public warning, it has access to more than 383 smartphone apps.

The app also communicates with command-and-control servers, and can present phishing screens to obtain sensitive information from the victims.

The NCSC said that this was the first time that malware had been delivered through physical mail in the country: “The letters look official with the correct logo of the Federal Office for Meteorology and thus trustworthy.”

Citizens targeted by the letter are being urged to report it to the NCSC. Those who have already downloaded the app should reset their phones to factory settings.

Via The Register

You might also like

• We’ve listed the best Android antivirus apps
• These are the best privacy apps for Android
• This devious new malware is going after macOS users with a whole barrel of tricks

• ESPN is testing an AI-generated avatar for SEC Nation
• FACTS will provide analysis during the popular college football show
• ESPN says "It complements our journalists and on-air talent, providing additional insights"

ESPN is trialling a new AI-generated avatar which the TV network hopes to add to its popular college football show, SEC Nation.

The AI avatar called FACTS is being trialed for "pre-game discussions, promoting education and fun around sports analytics." The project has been developed at the ESPN Edge Innovation Center to foster engagement and educate fans on sports analytics related to college football.

Baron Miller, coordinating producer for SEC Network/ESPN told Front Row, "FACTS is designed to test innovations out in the market and create an outlet for ESPN Analytics’ data to be accessible to fans in an engaging and enjoyable segment. It complements our journalists and on-air talent, providing additional insights."

He added, "FACTS is built on NVIDIA Omniverse, using its ACE microservices, and integrates with Azure OpenAI for language processing and ElevenLabs for text-to-speech." Combined with ESPN Analytics data and team statistics, FACTS is seen as a way to engage a new audience wanting to get invested in college football.

AI sports analysis on ESPN

ESPN hasn't showcased FACTS in action and the company has already used generative AI to create recaps of sports matches. However, the AI recaps have come under scrutiny for errors such as completely forgetting to reference USWNT legend Alex Morgan in the final game of her professional career, instead focusing on the scoreline and the goalscorers.

ESPN doesn't see AI as a way to replace its journalists, however, instead, the company thinks AI-generated recaps frees up its human writers to focus on more interesting topics. An ESPN spokesperson defended the use of AI by saying, "These automated recaps will allow ESPN staff to focus on feature, analysis and breaking news coverage. ESPN has always worked to combine human capability with emerging technologies as part of its mission to serve sports fans."

SEC Nation is an incredibly popular show every Saturday during the college football season. With a start time of 10 AM ET, it's the perfect opportunity to introduce a friendly AI-generated analyst to help educate children and adults alike on the sport. ESPN has yet to announce when we're likely to see FACTS on our TVs, but considering the quick rate of AI adoption across the world of media, we don't expect we'll have to wait long.

You might also like...

• Wimbledon is replacing line judges with AI
• Everything you need to know about ESPN Plus
• Coca-Cola's iconic ad is now made by AI

• WordFence finds "one of the most severe flaws" in its 12-year history
• The critical flaw resides in the Really Simple Security plugin
• The bug allows for automated, mass website takeover

Cybersecurity researchers have found a critical vulnerability affecting millions of WordPress websites which could grant attackers full control over the vulnerable website.

Security professionals from Wordfence reported discovering an “improper handling of user authentication” vulnerability in the Really Simple Security WordPress plugin, both free and paid versions.

This plugin simplifies the process of securing websites by enabling SSL with a single click, and automatically resolving mixed content issues. Furthermore, it offers features such as security headers, and HTTP Strict Transport Security (HSTS), which made it a super popular choice. It currently has more than five million active installations.

Biggest threat in more than a decade

The vulnerability is being tracked as CVE-2024-10924, and has a severity score of 9.8 (critical), and Wordfence describes it as “one of the more serious vulnerabilities that we have reported on in our 12 year history as a security provider for WordPress.”

It was discovered on November 6, and by November 14, all versions had patches lined up. Versions 9.0.0 to 9.1.1.1 of the “free”, “Pro”, and “Pro Multisite” releases were said to be vulnerable, with the first clean version being 9.1.2.

Currently, the WordPress plugins site shows 44.1% of installations being for version 9.1, with the remaining 65.9% falling on older versions.

Given the severity of the flaw, and the sheer number of potentially exploitable websites, researchers are urging everyone to patch up immediately and protect their digital assets.

The plugin’s vendor has coordinated a force update with WordPress, but website administrators should still double-check to see if their websites are running the newest version of the plugin, and Pro users with expired licenses should ensure they have their auto-updates disabled as well.

You might also like

• North Korean hackers are targeting Apple users with new macOS malware
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now

• The iPhone XS Max and iPhone 6s Plus are now 'vintage'
• Apple also labels the Apple Watch 2 as obsolete
• These statuses affect whether or not you can get repairs

Apple has just done some reorganizing of its vintage and obsolete products list, and the iPhone XS Max (launched in 2018) and iPhone 6s Plus (launched in 2015) are now both officially labeled as 'vintage' gadgets.

The changes were spotted by MacRumors, and are a normal part of the lifecycle of an Apple product. A device becomes vintage when more than five years have passed since it was last sold as new by Apple.

Before that five years passes, you can always get repairs and replacement parts from Apple and authorized repair stores. Once a product is vintage though, you may or may not be able to get repairs or parts – it depends on stock levels and what the issue is.

Exact timings on vintage status can vary, and it's worth noting that the iPhone 6s Plus with 32GB of storage is already categorized as obsolete (the next stage past vintage). Once Apple updates its lists though, it's official as far as product status goes.

Not just vintage – obsolete

The Apple Watch Series 2

Another update to Apple's list is that the aluminum and stainless steel Apple Watch 2 models are now obsolete. A gadget becomes obsolete when it's been more than seven years since it was last sold as new by Apple.

Past that point, you can't get repairs from Apple or its authorized partners, and new parts can't be ordered. The only exception to the rule is some MacBooks, which are eligible for battery replacements for up to 10 years in certain cases.

You can certainly try and get an obsolete product repaired, but you'll have to go somewhere other than Apple – and once you hit the seven-year mark, it's probably worth thinking about investing in an upgrade anyway.

For now, the Apple Watch 2 with the ceramic casing clings on to its vintage status, so it's not yet obsolete – but if you're still wearing the smartwatch, which launched in 2016, you'd be best getting any necessary repairs sorted sooner rather than later.

You might also like

• The best iPhones you can buy
• 5 new features in iOS 18
• Our full review of the iPhone 16

The Biden administration chose to target only companies developing frontier AI models in China. But Trump could take a more sweeping approach.

Score this HD Fire TV at its lowest ever price and add easy streaming to other rooms in your home.

• The details of Sony's Black Friday deals have reportedly leaked
• The PS5 Slim and PSVR 2 seem set to receive major price cuts in Europe
• There's no official confirmation these deals will be available worldwide

The upcoming Black Friday PS5 deals by Sony may have leaked with the latest details pointing towards not only a huge discount on the PlayStation 5 Slim but also a meaty price cut for the PSVR 2 accessory.

According to known leaker ‘billbil-kun’ at French-language blog Dealabs Magazine the PS5 Slim will receive a discount of at least €75 in Europe. This takes the price of the standard PS5 Slim console down from €549.99 to €475.99 in the region. The PS5 Slim Digital Edition will then apparently receive the same price cut, taking it from €449.99 to €374.99.

These discounts will also be available on the newly revealed PS5 Slim Cobalt Star Bundle - which contains a few bonus in-game items for Fortnite. Of course, there’s no telling whether this deal will be available in the US or UK but there are some promising signs. Most importantly, it roughly lines up with a now removed trailer posted by Sony that announced a $70 discount on the PS5 Slim over Black Friday.

The same leaker also claimed that the PSVR 2 will receive a significant discount, taking the price of the headset down to just €399.99 from €599.99. The PSVR 2 Horizon Call of the Mountain bundle will also be available for that €399.99 price, which is a pretty exceptional deal as it usually retails for €649.99. This could be the final push that many shoppers need to pick up one of the best VR headsets on the market.

The savings are reportedly set to begin on November 22, but it is worth once again reiterating that there has yet to be any official confirmation from Sony that similar discounts will be available worldwide.

You might also like

• PS5 Pro review: a high-performing enthusiast console with a pricey sting in the tail
• These are my six favorite games from the Xbox Black Friday sale
• Lego Horizon Adventures review: A gorgeous, family-friendly adventure that lacks depth

Refinance rates were mixed, but one key rate fell. Even a slightly lower interest rate can save you money on your home loan.

• Apple’s Lightning-to-3.5mm adapter is sold out around the world
• It’s used to connect older iPhones to wired headphones
• Apple still sells a USB-C-to-3.5mm adapter for newer products

Ever since Apple dropped the 3.5mm jack from its phones, the company has sold a Lightning-to-3.5mm adapter that lets you connect any of the best wired headphones to your iPhone. But it now looks like Apple might be discontinuing the product, as it’s showing as out of stock around the world – so if you want to buy the adapter (or get a spare), you might need to be quick.

MacRumors first spotted the situation, reporting that the adapter was listed as sold out on Apple’s online store in the US and many other countries. There are a handful of nations where you can buy it from Apple’s online store – such as Denmark, Finland, France, Norway, and Sweden – but it’s likely that this will only last until the device sells out in those places as well.

The Lightning-to-3.5mm adapter was originally included in the box when you bought any phone from the iPhone 7, iPhone 8 and iPhone X ranges. However, Apple stopped this practice when it launched the iPhone XS, instead listing the adapter as an optional $9 / £9 / AU$15 purchase online and in physical Apple Stores.

These days, the only Lightning-equipped iPhones that Apple sells are the iPhone 14, iPhone 14 Plus, and iPhone SE, and all three are expected to be discontinued next year. The iPhone 15 and iPhone 16 series, on the other hand, come with USB-C ports, and Apple does still sell a USB-C-to-3.5mm adapter for those devices.

End of the line

With modern iPhones supporting USB-C and Apple selling a 3.5mm adapter for those products, the Lightning-to-3.5mm adapter has been serving an increasingly small number of customers. With the only compatible iPhones that Apple still sells set to be phased out in just a matter of months, it’s likely that Apple feels there’s simply no need to continue selling the Lightning adapter.

Indeed, it’s not just iPhones that are dropping the Lightning port – Apple has been switching all of its products to USB-C in line with European Union (EU) regulations. We’ve seen this affect Apple’s Mac accessories like the Magic Mouse and Magic Trackpad, while Apple moved the iPad line to USB-C several years ago.

When Apple dropped the 3.5mm port from its iPhones, it said it made the decision because people were increasingly switching to wireless earphones that offered a more convenient wire-free way to listen to audio. With wired headphones becoming an increasingly niche pursuit and a USB-C adapter available to anyone who needs it, Apple apparently doesn’t feel it’s worth continuing to make its Lighting adapter.

If you use wired headphones with an older iPhone and want to continue doing so, it might be worth buying up a few spare adapters while you still can, just in case your current one breaks – and there are still a few options from third-party makers too. Alternatively, you could consider buying a pair of the best wireless headphones – with Black Friday fast approaching, it’s a great time to snag a bargain.

You might also like

• The best wireless headphones 2024, chosen by our experts for all budgets
• Apple's keyboards, mice, and trackpads are finally improving - now it's time for more peripherals
• Good news! Apple finally redesigns the Magic Mouse with USB-C! Bad news! The charging port is still on the bottom

A handful of major mortgage rates are moving up. But rate cuts from the Fed should help mortgage rates fall in the long term.

Whether used for homework, paid work, or long nights of doomscrolling, CNET's editors have reviewed the perfect Chromebooks for you and your family.

There are many open questions regarding how the new Trump administration will handle economic policies. Some leaders of the repairability movement aren’t all that worried about it.

• Intel’s top-selling CPU is a lowly number 13 in Amazon rankings
• Team Blue is doing better in the Newegg CPU chart, but still not well
• This may reflect fallout from Intel’s recent fumbles with chip instability and the rocky Arrow Lake launch

AMD is totally cleaning up in the world of desktop processors, with Intel lagging way behind its rival now, at least going by Amazon’s rankings of the bestselling CPUs.

As you may be aware, Amazon keeps track of the bestsellers across its entire range of tech (and other) products, and the top processor list is currently dominated by AMD, with Team Red now holding the entire top 10.

In fact, the first Intel CPU you’ll see is the Intel Core i5-13600KF at number 13, so the top 12 processors are from AMD (at the time of writing, anyway). Granted, Intel does have numbers 14, 15, 17, and 18 as well, notably with older CPUs from the 13th-gen and 14th-gen ranges, with no Core Ultra 200S (Arrow Lake) chips to be seen in the top 20 – or indeed in the top 100.

Are those chips simply too fresh to the market, then? Well, AMD’s Ryzen 9800X3D is also very new on the scene and is ranked at the number four spot, in fact, it's been so popular that at the time of writing it's sold out of stock.

What are AMD’s top chips by sales, then? At number one we have the AMD Ryzen 5700X, the mainstay from two generations ago which is still selling strongly, followed by its more affordable sibling, the 5600X.

The AMD Ryzen 7800X3D is in third place, followed by the 9800X3D as mentioned, and then the Ryzen 7600X is in fifth. It makes sense to see the 7800X3D in a strong position; it's now the cheaper alternative to the next-gen 9800X3D, while remaining a strong choice of CPU for serious PC gamers.

(Image credit: Future/John Loeffler) Analysis: Processing advantage AMD

This represents a very clear picture of how AMD has pulled ahead in the CPU arena, albeit it is just one retailer – though a huge retail player, of course.

If you look at Newegg, which also keeps a regularly updated CPU ranking, this isn’t quite as heavily weighted towards AMD, but Team Red is clearly winning. In this case, Intel does have chips at numbers five through to eight, and 14, plus 20, but the rest of the top 20 is entirely AMD (again, that’s correct at the time of writing, though the processors may have shuffled around a bit by the time you’re reading this).

It’s much the same story as Amazon with the bestselling Ryzen chips, though the top seller is actually the Ryzen 9800X3D in this case (even though it has sold out – stock is still a big issue for would-be buyers), followed by the Ryzen 7600X (with a nice discount as you might guess). For Intel, the 14700K and 14900K are the top offerings – you won’t find an Arrow Lake CPU until number 39, where the flagship 285K currently resides.

Are we particularly surprised at this development? Well, not really, although the grip AMD has on the market at Amazon is pretty eye-opening. But given recent history in the world of CPUs, with Intel having a nightmarish time with its 14th-gen and 13th-gen silicon suffering serious instability problems, and Arrow Lake having a wobbly launch too, it’s pretty much a given that AMD is going to capitalize on these missteps.

Even if Ryzen 9000 also received a rather lukewarm reception, albeit the Ryzen 9800X3D has turned that around as a gaming powerhouse chip – the problem with that new 3D V-Cache CPU is that it’s out of stock everywhere, as noted.

Via Tom’s Hardware

You might also like

• AMD’s Ryzen 7 9800X3D is hot stuff - literally, as one has just burnt out a motherboard
• Intel may not have any new desktop chips coming until Nova Lake in 2026
• What is a processor: Your CPU explained in plain terms

• The Garmin Instinct 3 has been spotted in a major leak
• Garmin's own website has revealed that there will be a solar option again
• Also confirmed are a 45mm size option and black color

One of the best Garmin watches for the great outdoors looks set to get an imminent upgrade after a listing for a new Instinct 3 was spotted on Garmin's own website.

The Garmin Instinct 2 is one of our favorite Garmins, a five-star pick rocking a choice of sizes, tough exterior, great training tools, GPS, and very good battery life – which is why we're so hyped for the seemingly-imminent launch of the next generation.

Now, it looks like Garmin itself is also gearing up for the release, having accidentally listed the repair costs for a Garmin Instinct 3, and revealing some key new details in the process.

As spotted by Fitness Tracker Test, Garmin Spain's website leaked a repair code for a new 'Instinct 3, SOLAR,45mm,NEGRO'. As such, it seems that the Instinct 3 will be available in at least one of its popular sizes, a solar-powered version, and a black color option.

Garmin Instinct 3 details leaked

(Image credit: Future)

This latest leak is the first concrete information we've seen regarding a new Garmin Instinct, and it looks like the company is sticking to at least some of the formula that made its last version so great.

It's no surprise that a solar option will be available, and as the report notes a 45mm size listing doesn't preclude other options. It does, however, suggest that the company may be sticking to the current configurations of 40mm, 45mm, and 50mm.

The news follows a brief nod to the Instinct 3 in a recent Garmin leak suggesting some Garmin watches will add support for rucking, with leaker @Jw speculating that the feature could arrive alongside a new Instinct 3 before the end of the year.

The Instinct 2 turned two in November, indicating that a release of the third iteration could be very close at hand.

You may also like

• Garmin just dropped a load of free new features for its smartwatches and cycling computers
• I ran an entire marathon with a Garmin, an Apple Watch, and Strava – here are all the differences
• Black Friday Garmin deals 2024: Early sales live now on fitness watches

Whatever the Fed does with rates in December, opening one of these CDs now can protect your earnings.

The National Institute of Standards and Technology (NIST) has recently updated its guidelines on password rotation, advising against the once-standard practice of requiring users to change their passwords every 30, 60 or 90 days – unless an organization has experienced a data breach. This marks a significant shift from traditional cybersecurity policies that aimed to prevent breaches through frequent password changes. However, NIST’s new stance may seem at odds with the real-world needs of organizations focused on reducing security risks.

Understanding password rotation

Password rotation refers to the practice of regularly changing passwords to minimize the risk of unauthorized access to sensitive information. There are two primary types of password rotation: manual and automatic.

Manual password rotation requires users to update their passwords at set intervals, while automatic password rotation relies on technology to generate passwords and replace them without user intervention.

While manual password rotation has been common practice, it often has the unintended effect of leading to weak passwords and user frustration. In contrast, automated password rotation enhances security by regularly generating strong and unique passwords without the user burden of having to generate or remember them.

NIST’s shift away from frequent manual rotation

NIST’s latest guidance discourages enforcing mandatory password changes every 30, 60 or 90 days unless there is evidence of a breach. This change stems from the realization that frequent mandatory password updates can lead to poor user behavior, such as creating weak or easily guessed passwords for convenience.

For example, when required to change passwords frequently, users may make only minor adjustments to an old password – like changing “Password1” to “Password2” – which weakens security and makes it easier for attackers to guess credentials using techniques like credential stuffing or brute force attacks. Those passwords are also frequently reused across multiple accounts.

NIST’s updated guidance recognizes that the effectiveness of frequent password changes is limited unless there is specific evidence of compromised credentials. Rather than focusing on how often passwords should change, NIST now emphasizes the use of strong passwords and Multi-Factor Authentication (MFA) as more effective means of enhancing security.

Why password rotation still matters

Despite NIST’s recommendation to reduce mandatory password rotation, it remains relevant in certain contexts – particularly for privileged accounts that hold access to sensitive systems and data. Rotating passwords can effectively limit exposure if credentials are compromised. Automated password rotation is essential because it:

• Prevents unauthorized access: Using the same password for extended periods increases the risk of a cybercriminal cracking it. Regularly changing passwords for sensitive accounts limits the time attackers have to exploit compromised credentials.
• Limits exposure time: Frequent password rotation reduces how long a stolen or compromised password can be used to damage, alter or steal data. For example, if an HR employee’s password is compromised, regular updates can minimize risk.
• Reduces the risk of password reuse: Manual password rotation often leads to users recycling or reusing variations of the same password. Automated systems mitigate this by generating strong, unique passwords, preventing users from adopting poor habits.

Additionally, password rotation is a critical measure for organizations that have shared accounts or use contractors, and for securing accounts when offboarding employees.

The challenge of manual password rotation

While password rotation is still relevant, not all methods are created equal. Manual password rotation presents challenges, such as user fatigue, weak password creation and reduced productivity. Users may struggle to generate and remember new, strong passwords, opting instead for easily memorable patterns or predictable variations of old passwords, which makes accounts vulnerable to attacks.

Additionally, enforcing manual password rotation disrupts workflows. Employees may waste time trying to recall or reset forgotten passwords, detracting from their primary work duties. Frequent changes without automated systems can lead to more frustration than security.

Balancing security and usability with automated password rotation

Automated password rotation addresses the shortcomings of manual password changes while maintaining high levels of security. Organizations can benefit from:

• Reduced user burden: Automated systems eliminate the need for users to remember or create new passwords. By generating and replacing passwords automatically, employees can focus on their work without interruptions.
• Stronger password practices: Automated systems ensure that new passwords meet complexity requirements, reducing the chances of successful brute force or credential stuffing attacks.
• Enhanced security for privileged accounts: Privileged accounts benefit the most from automated password rotation, as regular updates limit exposure time and ensure even insiders cannot exploit static credentials.
• Minimal disruption: Automated password rotation happens behind the scenes, allowing users to continue their work without needing frequent password resets.

Implementing automated password rotation securely

To implement automated password rotation, organizations should consider using a Privileged Access Management (PAM) solution that automates the generation, rotation and secure storage of passwords. This ensures strong passwords are regularly updated and stored in an encrypted vault, accessible only to authorized accounts based on the principle of least privilege to limit exposure.

Embracing a modern approach to password security

NIST’s updated guidelines reflect a more nuanced approach to password security, emphasizing the importance of strong, unique passwords while de-emphasising frequent manual rotation. However, password rotation remains critical for privileged accounts.

Automated password rotation is key to balancing security and usability in today’s complex threat landscape. Organisations should adopt modern PAM solutions to implement strong password practices without burdening users, ensuring sensitive data remains protected while maintaining productivity. By embracing automated password rotation, businesses can stay ahead of cyber threats and protect their most critical systems and information.

We've featured the best business password manager.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

• Arcane's showrunners haven't ruled out physical appearances from the Black Rose's members in season 2
• Fans have long suspected that one or more of them will show up in the animated show
• Even if they don't, the Netflix series' creators were excited to introduce them to a wider audience

Full spoilers follow for Arcane seasons 1 and 2.

There are only three episodes left of Arcane's second and final season and, as the clock ticks down to its finale, fans are still waiting for an answer to an absolutely huge question.

No, not the "what's going on with Jayce?" one, which I already examined in this article about Jayce walking a very dark path in Arcane season 2's later entries. I'm talking about the hit Netflix show's main villain, who's yet to be revealed as Arcane approaches its endgame.

There have been plenty of candidates for the series' antagonist-in-chief. Silco fulfilled that role last season but, following his demise in the season 1 finale, we're none the wiser about who's succeeding him as Arcane's Big Bad. Is it Ambessa, who's been an increasingly antagonistic figure since her season 1 episode 7 debut? How about Jayce following his unexpected heel turn in Arcane season 2 act 2? What if, in the end, it actually ends up being Jinx?

The Black Rose are an incredibly powerful, menacing, and secretive Noxus-based faction (Image credit: Netflix)

In many viewers' minds, mine included, it won't be any of them. Indeed, fans have had a magical theory about Arcane's main villain for a long time, with some proposing that the Black Rose, a secret and dark magic-wielding organization, will be the show's actual evildoers. It's a hypothesis that predates Arcane season 2's official trailer being released in mid-September, too, with that two-minute-long teaser hinting at the Black Rose's introduction.

Well, as I covered in my Arcane season 2 act 1 ending explained piece, the Black Rose is officially part of the proceedings. What's still unclear after the arrival of season 2 episodes 4 through 6, though, is whether the Noxus-based sect is one of the best Netflix shows' chief bad guys. Or, rather, bad girls, because three of their four most famous members are females. That includes their infamous leader LeBlanc, the millennia-old sorceress who's essentially Noxus' shadow ruler and pulls the strings of whoever sits on the expansionist empire's physical throne.

What does the Black Rose want with Mel? (Image credit: Netflix/Riot Games/Fortiche Production)

With the Black Rose playing an increasingly larger role as Arcane season 2's story progresses, will we see LeBlanc and/or any other Black Rose members appear before Arcane's final credits roll? I had the opportunity to speak to the animated League of Legends (LoL) show's creators Christian Linke and Alex Yee ahead of its initial debut on November 9, so I felt obliged to ask the pair if this would be the case. Interestingly, they didn't actually deny it.

"Hmm... you really want to know, don't you?" Linke replied with a wry smile and a not-so-coy laugh. Before I had a chance to respond, Yee jumped in to cleverly add: "Are you asking 'will they be there' or 'will you see them?'"

The coolest version of the Black Rose is when they're invisible

Christian Linke, Arcane co-creator

You've played this game before, haven't you, gentlemen? Considering the pair didn't outright deny that LeBlanc and/or her fellow ancient magic wielders would appear, I'm led to believe that, at the very least, one of them will. I've got the evidence to back that up, too. The cast list of season 2 episode 5's end credits sequence mentions a character named 'illusionary sorceress' who's not only the individual who speaks to Mel in this chapter but also voiced by Minnie Driver. Don't be shocked if Driver is the voice for Arcane's animated take on LeBlanc, and, providing I'm right, if Driver and LeBlanc are subsequently added to my Arcane season 2 cast and character guide.

But I digress. Even if I'm completely wrong in my assumptions about members of the Black Rose appearing before season 2 ends, it doesn't sound like this is the last we'll see of them. With many more LoL movie and TV adaptations in development, Linke suggested they may crop up, or at least be mentioned, in future projects.

I'm convinced that we'll see LeBlanc appear in Arcane before it ends (Image credit: League of Legends universe website)

"When we've talked about them internally, the coolest version of the Black Rose is when they're invisible," Linke said. "But what's also really cool is they're one of the first glimpses of this larger world, and the characters that have an association with the arcane and magic that comes from another realm. It's a good thing that fans have opinions on what's happening with Hextech, magic, and all of these things, and we're really excited about those things, too. But, you know, the Black Rose is an integral part of season 2, and that's all you'll get for now."

For more coverage ahead of season 2 act 3's release, check out more articles from my exclusive chat with Linke and Yee below.

You might also like

• Arcane season 2 is rewriting the 'truth' of some vital League of Legends lore, but the Netflix show's creators deny they're breaking the game series' canon
• Arcane season 2 finally gave us the huge Caitlyn and Vi moment we've been waiting for – and its creators say 'we couldn't have done it in season one'
• After Arcane season 1 ended on a stunning cliff hanger, its creators say it was 'always the plan' for those characters to die in the season 2 premiere

Black Friday and Cyber Monday will be here before you know it. These are the shopping tools you'll want to save big.