password manager

Mon
19
Feb
John Lister's picture

Fake LastPass Gets Vetted by App Store

A fake app pretending to be from password manager LastPass not only made it into the Apple App Store but had a five star rating. It's arguably among the worst possible types of bogus app to bypass Apple's usually strict vetting process. LastPass is ... one of the best known password manager tools. It lets users store their passwords in an encrypted vault, accessible only with a master password. The service can also generate secure passwords. The company's name is based on the idea that the master password is the last password the user will ever need to create or remember. The big catch, of course ... (view more)

Thu
19
May
John Lister's picture

Google Offers Hassle-Free Way To Update Leaked Passwords

Google is making it easier to change passwords on an Android device after a security breach. It's automating much of the process through the Google Assistant feature. It works with the saved passwords tool on Chrome, which can automatically fill in ... user names and password fields on websites. The passwords themselves are then stored securely in the user's Google account, which is one of the reasons it's so important to keep the Google password secure. On both desktop and mobile devices, Chrome can already warn users if their saved login details for a particular site is known to have been ... (view more)

Thu
24
Mar
John Lister's picture

Browser-In-Browser Could Steal Passwords

A security researcher has warned that a fake browser could be used to more effectively scam users into handing over login details. Password managers and similar tools may be one way to combat the tactic. The warning comes from a security researcher ... who chooses to use the pseudonym mrd0x. They dubbed the approach a "browser-in-the-browser" attack. (Source: mrd0x.com ) The tactic would take advantage of websites that have registration and accounts but let users sign in with a third party account such as Google or Facebook. This works by displaying a pop-up window that's hosted by the ... (view more)

Mon
16
Sep
John Lister's picture

Password Manager Bug Exposes Last Used Password

Password manager LastPass has suffered an embarrassing security glitch that reveals a user's last used password, though some security experts argue that pulling off the exploit would have been difficult at best. The purpose of LastPass is to solve ... the problem of people having too many passwords to remember, but not wanting to reuse passwords across multiple sites. Once somebody signs up to LastPass, they create a single master password which is completely secret. Even LastPass itself doesn't store this password, so if a user forgets it, they are out of luck. The master password then stores ... (view more)

Thu
06
Jun
John Lister's picture

Firefox Adds Enhanced Password Manager, Cookie Blocking

Mozilla has made two major changes to make Firefox browsing easier and safer. It's adding a robust password manager and and enhanced cookie blocking feature that will help avoid dubious online tracking. The password manager is called Firefox ... Lockwise. For now it's only available as a browser extension, rather than being built into the browser itself. It's the same service that was previously available on mobile devices as "LockBox." The basic functions of Lockwise include being able to store login credentials and access from multiple devices, and are much the same as on third-party ... (view more)

Wed
20
Feb
John Lister's picture

Report: Most Password Managers Not Secure

Security researchers say some major password manager tools could be flawed. But they also say it's still sensible to use them, just with a degree of caution. It's a fact that using the same password for multiple sites is a massive security risk. ... That's because if one site gets hacked, it could mean that hackers can use the same password on another website to gain access to potentially sensitive information, resulting in identity theft or financial loss. Password manager tools (such as Roboform and Dashlane ) aim to overcome two big dilemmas with online passwords - which is keeping passwords ... (view more)

Wed
05
Oct
John Lister's picture

Should You Use a Password Manager?

Lately we've been posting a lot of articles about websites and services that have been hacked . One of the primary recommendations we have also repeated is that users should use unique and hard-to-guess passwords for each site, as this will help to ... prevent any further breaches. The reasoning is that if user account data is stolen on one site ( Yahoo is a good example ), the same username and passwords may also be valid on other sites - but only if users are using the same account names, passwords or password hints. Unfortunately this is often the case, because using the same passwords on ... (view more)

Thu
21
Jan
John Lister's picture

LastPass Password Manager a 'Phishing Risk'

A security researcher says he's published proof that users of password manager tool LastPass could easily be tricked into handing over login details. LastPass insists there is no bug with the service itself, but has made some changes to mitigate the ... issue. Sean Cassidy published details of the potential attack at a security conference. He says the way LastPass operates makes it too easy to create bogus looking login pages that could fool users into handing over their login credentials. According to Cassidy, two main problems combine to create the phishing risk. One is that LastPass ... (view more)

Thu
14
Jan
John Lister's picture

Password Manager Proves Security Risk

Google has uncovered a major bug in a security software tool that could expose user passwords to hackers. Its the second time in a matter of weeks that Google's found problems with security software . On this occasion the problem is with the ... antivirus package from Trend Micro, specifically a Password Manager feature. This allows users to store passwords securely with a master security code; at the touch of a button, users can then have them the program automatically fill in passwords and logins on websites. According to Google's Tavis Ormandy, the feature is installed by default with ... (view more)

Subscribe to RSS - password manager