Thursday, 1 September 2016

Sorry, but your browser password manager probably isn’t enough



Credit: JMark Business Solutions

Opera has been hacked. Data loss included, “some of our sync users’ passwords & account information.”

https://www.wired.com/2016/08/browser-password-manager-probably-isnt-enough/?mbid=nl_83016_p4&CNDID=

If you are ready to tighten up your password management, lots of good information at:

https://hhg2tech.blogspot.com/2015/02/how-to-keep-your-passwords-secure.html
/ your browser password manager probably isn’t enough navigate through Chrome Safari Firefox your browser of choice enticing option would you like us to save your password recent browser breach reminder if you answer yes you’re taking a risk browser Opera confirmed successful attack system systems hackers able access personal information company developer Tarquin Wilton-Jones post announcing breach sync users passwords account information Opera sync browser’s version feature coordinate passwords across devices save your Facebook password Chrome Safari Opera your desktop waiting mobile versions devices logged in Opera encrypts all passwords stores reset all Opera sync account passwords reset passwords third-party as a precaution Opera’s 350 million users used sync last month fallout likely limited incident reminder browser-based password syncing terrific time-saver not a replacement for more serious security hygiene real concern browser-based password managers make life more convenient offer a false sense of security issue what happened to Opera happen elsewhere concern repeated companies more security resources at their disposal Google Apple real concern browser-based password managers make life more convenient false sense of security not at all clear how secure any of them really is cryptography details implementation details should at least be documented somewhere but they’re not Evan Johnson systems engineer CloudFlare studied password managers Chrome your passwords are always encrypted Safari Firefox Opera difficult assess scope damage last week’s hack Opera’s password synchronization implemented Jérôme Segura analyst Malwarebytes users developers full access to the code secure password managers reputation doing a better job protecting stored passwords claims Mark Burnett Perfect Passwords who is more secure who will get hacked next price of convenience browsers keep your password safe security secondary focus features make your life easier not safer convenience-versus-security problem digital lives storing passwords with the browser bad idea browser password managers have not evolved stagnant Chrome improve Chrome Password Manager Smart Lock suite of features Google introduced passwords.google.com central place manage passwords Chrome access site protected two-factor authentication Smart Lock skip log-in process entirely some apps activate setting potential benefit Lorrie Cranor FTC chief technologist Carnegie Mellon computer science professor relying on your browser at least better just reusing passwords find out pretty quickly security problem browser password storage use the same passwords everywhere password had a breach biggest problem browser-based password storage doesn’t require strong passwords value equation would be different Opera breach only public example so far hack vulnerabilities large scale hypothetical scourge of weak passwords browsers usability features good password hygiene random password generation weak password hunting password reuse browsers one strong password required to access the other passwords browser storage system Opera major web browser developer breach like this passwords strong master password experts recommend use dedicated password manager like LastPass 1Password Dashlane store your information in the cloud breached researchers unearthed handful of LastPass vulnerabilities help you create keep better passwords fair trade-off security versus convenience online password managers better suited browser-based ones browsers many interweaving parts password managers singular focus more secure result Opera sync changed your passwords browser share your password across devices /

No comments:

Post a Comment