Passwords leaked from popular password managing apps
In a report published at the end of February, it was revealed that almost nine popular password managers confirmed security vulnerabilities. With this news comes the big question- will we be able to protect anything in 2017? Can we keep things safe from the hackers?
The main purpose behind having password managers is to make sure all your passwords are in a single, safe and secure place, in a well-managed condition. To protect your information stored in the different devices and software, password managers are extremely useful.
With this report, you cannot trust the security offered by these password managers.
The password managers that were found to be vulnerable to hacker attack attempts include- LastPass, Keeper, 1 Password, My Passwords, Dashlane Password Manager, F-Secure Key, Avast Password. If you look at the number of people who have downloaded and installed these managers, you will find a range of 10000-50Mn. This means a large number of people have been affected by the security vulnerabilities. A total of 26 issues were reported it seems, which have been informed further to fix the issue.
Issues Found in Password Managers
In some cases, it was found that these password managers were vulnerable to the data residue attacks, while a few others were vulnerable to clipboard sniffing. In some cases, the apps stored the master password in plain text format or, showed the encryption keys while typing in the code, which made hacking easy and effortless.
For example, the master password for MyPasswords app was decrypted, and it allowed you to read into the private data.
In another app Password Manager, you could read the subdomain password in the internal browser. In this same app, you will see that the title and URL are not encrypted. You can even read the private data in the app folder.
Similarly, Informaticore has an insecure format of storing your credentials. These vulnerabilities were attacked, and the passwords of important information were hacked.
As a golden rule, you should follow these steps when creating passwords to secure your information
• Ensure the passwords cannot be easily hacked into
• Use symbols and numbers that don’t necessarily make sense
• Don’t save all the passwords in a single place
• Know the vulnerabilities of the password manager you are using
• If a password manager allows you to save credentials without master password, don’t use the password manager
With these few tips and a complete understanding of the password manager, you would be able to beat the vulnerabilities.