What if my password manager gets hacked?
Рет қаралды 6,852
Күн бұрынPassword managers themselves need to be kept secure - here's how!
nakedsecurity.sophos.com/cybe...
@nachomarquez7541 Жыл бұрын
Thanks a million for that info. So sad this valuable content is not getting much more viewers and likes.
@stevelarocque 3 жыл бұрын
Thanks Paul. I'm sold on password managers but am wondering about "unlocking the master cabinet" and leaving it unlocked. Most password managers have a browser plugin. You can log into the manager and then you can use the passwords stored in it. But if it stays "logged in" then malware and 0 days conceivably can get at the whole inventory. If you log out of the password mgr after each use, that probably doesn't really fix this problem, and also the inconvenience factor of re-typing your master password (which is long and complex of course) makes it onerous. Could you recommend practices that mitigate for this risk? I think lots of people with password managers log into them when their browsers start and then just leave the cabinet "unlocked" throughout their browser session, potentially for hours or days. What are best practices to reduce this kind of exposure? Thanks! You are informative as ever!
@NakedSecurityBySophos 3 жыл бұрын
Thanks for your kind words, much appreciated. On the topic of "logging out when not in use", I am probably something of a rarity in that I make habit of it, in the same way I hardly ever use suspend/sleep mode on my laptop during the day, and never use it overnight (I have simply got into the habit of logging off from everything and shutting down). Even in my password management routine, I use an encrypted loopback file that I need to decrypt and unlock just to mount it for use, and then every password in there needs decrypting afresh each time I want to use it, so I never have passwords unlocked by mistake. This constant relock-and-unlock is less convenient than most people I know will tolerate, but I reckon it costs me at most 3 minutes a day on average... and it means I never have to worry what I left unlocked by mistake. Oh, and my browsers clear cookies and local web storage every time I exit, just to stop me staying logged in to online accounts by mistake. As Mr Miyagi famously said, "Best way to avoid punch is no be there."
@Ed-em6mf 3 жыл бұрын
Great eyeopener about password management!
@charcot725 3 жыл бұрын
Great Information! Thank you!
@NakedSecurityBySophos 3 жыл бұрын
Thanks, glad you found it useful!
@fionamullen3771 Жыл бұрын
You are a great find. I have a request, namely to do something really super basic on “how password managers work once you have installed them and how to get them to kick in for every website”. I ask because I have an app called “Authenticator” on my phone. I have already forgotten what website was installed for. I have other apps offering password security on my desktop. But I actually don’t know how to get them to “automatically kick in” on my phone, laptop and PC whenever I am asked for a password.
@kkoz83 3 жыл бұрын
Thank you!!!
@NakedSecurityBySophos 3 жыл бұрын
It's a pleasure, thanks for watching.
@geo8rge Жыл бұрын
You should update this video for the LastPass hack.
@Yharim. 2 ай бұрын
oh hell nah what is that
@neiltropolis 3 жыл бұрын
Thank you
@NakedSecurityBySophos 3 жыл бұрын
Pleasure, thanks for watching!
@An.Individual Жыл бұрын
Video all padding and waffle.
@VK6TT 3 жыл бұрын
4 mins and you still haven't got to the point.
@NakedSecurityBySophos 3 жыл бұрын
To be fair, perhaps you aren't quite the viewer that this video is really aimed at? (The first minute or two should have clarified that.) For some of our viewers, I would argue that the bits at 0'40" and at 1'47" are fairly important, given that if you've never thought that "password management" was even a thing - and we were surprised how many people hadn't - then it's worth knowing how and why a password manager can both improve and reduce your online security before thinking about how to protect the data it holds.
@nickquik Жыл бұрын
It's amazing someone is giving free info yet you feel compelled to show how entitled you are
@An.Individual Жыл бұрын
Agree. lots and lots of waffle. Video title is "what if my pw manager gets hacked" then talks about what if you don't have a password manager!
@remektekmedia6641 3 жыл бұрын
Do we really need 8 minutes of intro???
@NakedSecurityBySophos 3 жыл бұрын
I hope not, because there isn't 8 minutes' worth of intro.
@nickquik Жыл бұрын
It's amazing someone is giving free info yet you feel compelled to show how entitled you are
@phred.phlintstone Жыл бұрын
talks in circles too much, bottom line up front. Do the endless stories last.
Mental Outlaw
Рет қаралды 48 М.
Garena Free Fire Global
Рет қаралды 43 МЛН
超人夫妇
Рет қаралды 46 МЛН
All Things Secured
Рет қаралды 127 М.
Bekmobil shorts
Рет қаралды 1,5 МЛН