News &
Information

Cross-Over Of Personal And Work Passwords Continues To Put All Employers At Risk

Too many continue to reuse personal passwords for work accounts. We examine the risk.

Shipping Notification Scams Are On The Rise: What Are The Red Flags?

Cybercriminals are taking advantage of the increase in deliveries to trick you into downloading malware or sharing information. We examine.

Employee Training Is Important For Cybersecurity, But Other Safeguards Are Needed, Too

It is not enough to train employees on preventing cyberattacks. Read why technology, such as Network Traffic Analytics, is necessary.

Data Breach Notification Plans Are Necessary For Reacting To A Breach

Organizations need a data breach notification plan in place, and the capacity to carry it out. We examine.

Password Managers Are Effective, But Are There Limitations?

The most commonly breached password continues to be "123456" followed by "password."

A 2018 survey conducted by McAfee found that nearly a third of respondents use only two or three passwords for all of their accounts, and the average person uses only 13. People find memorizing a unique, complex password for every single online account impossible.

 

A password manager can be the solution. A password manager is a software utility that generates strong, unique passwords and stores all of them securely. It can automatically fill in your username and password when you go to a login page and can do so regardless of the browser or device you use.

 

Only three percent of internet users rely primarily on a password manager to keep track of their passwords, according to the Pew Research Institute. Laura Hautala "Password managers: A little pain for a lot of security" cnet.com (Mar. 10, 2020).

Commentary

Password managers offer a number of benefits. By making it easy to use strong, unique passwords for every account, they greatly reduce the risk that cybercriminals can hack your accounts by guessing your password or by using a password stolen from one account to access others (a practice known as “credential stuffing”). 

 

Most password managers also protect you from phishing scams. They will only fill in your login credentials when you are on a legitimate website, making it harder for cybercriminals to trick you into giving them your username and password with a spoofed website.

 

When you use a password manager, you will most likely not be able to remember all of your passwords, which means you are less likely to share them, including in response to an email request. Some password managers even notify you if your password is compromised or a website you use was breached.

 

Here are some tips to consider before you use a password manager.

 

Password managers do not always work smoothly across all websites. Sometimes they do not recognize a login field and security questions can cause them problems. Some websites intentionally block the autofill feature on their login page, making password managers inoperable on these sites. In those cases, you will simply have to find the password you want in your password manager and manually enter it.

 

The most important part of using a password manager is that you absolutely must keep the master password or key to your password manager safe and secure. Don’t trust this to your memory, because if you lose it, you likely lose access to all of your passwords and will have to create new passwords for every account, which could take hours. Never reveal your password manager password in response a request. You do not want a phishing cybercriminal to gain the password to your password manager.

 

Never trust any email claiming to come from your password management software requesting that you email or enter your master password. If you are contacted by your password manager software, call them directly using a number listed in an independent source.

 

Consider storing a written copy of your master password in a locked safe that only you have access to.

Finally, your opinion is important to us. Please complete the opinion survey: