Managed IT Security & Support Services - Cybersecurity Consulting

Can’t a PW manager be hacked? Isn’t it risky to put all of your eggs in one basket?

Written by Admin | September 18, 2020

We all know the age old saying “Don’t put all of your eggs in one basket” meaning, don’t concentrate all of your resources in one area so that you don’t lose everything should situations prevail. So why don’t we treat our passwords this way?

One of the most important first steps you can take in increasing your security measures is to set a complicated password for each of your login portals to keep your business and personal information safe from unauthorized access. 

This is easier said than done. 

Most of us can’t remember, or even keep a list handy, of every password we’ve ever created since there are endless logins to the accounts we regularly need access to. This is where Password managers come in. PW Managers allow us to store, generate, and manage our passwords for online services. Most of us are familiar with Google’s autofill passwords which provide easy access to all accounts. 

But is a password manager really unhackable? Think about how many passwords you have stored on your web browser right now, and how much damage could be made if someone hacked your manager. Scary right? 

 

Are password managers really safe?

Password Managers can and have been hacked. In February of last year, a security report by independent consulting firm ISE disclosed flaws in the security of a password manager app. Having a password manager is better than not having one, but it isn’t foolproof. A Password manager’s main objectives are to create strong passwords, store the passwords (usually in the cloud on servers), and lock these passwords behind one master password. If the master password is hacked, then all of the passwords will be stolen

 

So if not a password manager, then what is the solution?

While Password Managers themselves aren’t completely unhackable, there are plenty of advantages to them. They force you to create new and strong passwords instead of reusing all your old passwords and will alert you if you’ve used the same password too many times. What you need to add is Multi-Factor Authentication (MFA) to your Password manager, to add an extra level of authentication, and with more verification, to secure your password manager. Rather than just asking for your master password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber attack. 


Contact us at info@rcsprofessional.com for more information on adding MFA to your existing password manager or for help getting one setup.