Threats

Your Password Manager is Compromised - Now What?

As technology advances, we rely more and more on digital services for a variety of tasks from money transfers to buying tickets. With that in mind, many people use password managers to store their passwords securely; however, are they truly safe? Can hackers crack them or do these applications guarantee our security?

In this article, you will get a thorough understanding of password managers and the latest breaches related to them. Moreover, we'll highlight ways on how to protect your data in the event that your password manager is compromised.

What are password managers?

Password managers are secure web apps that enable users and businesses to save and organize all their passwords under one safe repository or digital bolt. This makes password management a breeze - users don't have to remember multiple passwords anymore, only the master one. It is fast and easy-to-use, making your digital life much more convenient. However, businesses need do much more to keep corporate credentials safe. According to Verizon's 2022 Data Breach report, over 61 percent of data breaches involved brute force, credential stuffing, or compromised credentials.

Are password managers free from breaches?

No, password managers are not 100 percent secure and can be breached. Examples of recent breaches include LastPass, Keeper Security, Dashlane and many more. Such cyberattacks mainly involve the theft of either user credentials or master passwords leading to major data loss.

Recent password manager breaches

Very recently, customers of Norton LifeLock (a cyber-safe app) became the targets of a credential-stuffing attack. Attackers used a third-party list of compromised login credentials and combined them to break into Norton's password manager accounts. The company detected suspicious login and warned customers (through notifications) to take immediate action.

Last year, LastPass got attacked multiple times. In December 2022, LastPass announced that cybercriminals took backups of the safe digital vault (cloud storage bucket) containing encrypted user data. The password manager backup held sensitive credentials like passwords, billing information, and email addresses.

In August 2022, LastPass became the victim of an impersonation attack. Cyberattackers breached their password managers' development environment to steal the source code and customer data.

In 2019, researchers found vulnerabilities in password managers like Dashlane, KeePass, and 1Password.

Common ways password managers get hacked

  • Brute-force attack: Attackers use automated tools to guess the master password until they get it right.

  • Phishing attacks:Criminals send registered users fake emails containing malicious links that lead to compromised websites and then extract their login credentials.

  • Malware attack: Attackers inject malicious codes into a system and then steal user credentials.

  • Credential stuffing: Attackers will use a compromised list of sensitive credentials and feed them into an automated boy system to attempt to compromise a system or user account

  • Remote storage attacks: Attackers target the remote storage system used by a password manager to store their user data.

  • Weak encryption: Weak encryption in password managers can lead to a cyber threat to the users' credentials stored in the system.

How to protect yourself if your password manager is compromised

Nothing is 100% secure and your password manager is no different. Take immediate action if you see vendor notification about a severe breach or notice suspicious activities or login attempts in your password manager. Here are some helpful methods to protect your online accounts and data if your password manager gets compromised.

  • Change your master password: If you suspect that your password manager has been hacked, immediately change the master password. Also, make sure to use a strong, unique and long passwords of at least 12 characters comprising lowercase and uppercase letters, numbers, and symbols for a high level of security.Using a passphrase can also be more secure than a dictionary work.

  • Enable two-factor authentication: Two-factor authentication (2FA) adds an extra layer of security to your digital accounts. Enabling 2FA in your password manager helps protect against unauthorized access even if an attacker has the master password.

  • Backup your vaults: It is always a good idea to backup your password manager’s digital vaults. That way, you can quickly access your data if they get lost or stolen due to a cyber attack.

  • Update software and algorithms: Always make sure that the algorithm used by your password manager is up-to-date and works efficiently against cyber threats. Also, keep the software version updated to avoid any security issues.

  • Monitor your accounts: Monitor all your online accounts regularly and look out for suspicious activities or unauthorized logins. If you notice anything unusual, contact customer support of your password manager as soon as possible.

By following these steps, you can protect yourself from potential cyberattacks and keep your accounts safe.

Conclusion 

While it is impossible to be 100% secure, you can still take proactive measures to protect yourself against cyberattacks. Password managers are still recommended over using manually created passwords on each application/service that you use even with the chance of a breach. By taking the steps listed above, you can keep your accounts safe.

Interested in a company-wide password audit?

Packetlabs offers a comprehensive AD password audit, which includes a complete review of all company passwords. This review includes:

  • Overall risk level

  • Top-used passwords

  • Top-used base words

  • Character sets

  • Password length

  • Comparison of passwords against breach databases

  • Tailored recommendations

  • And more!

Contact us today to learn more about Packetlabs AD Password Audit.

Featured Posts

See All

December 10 - Blog

Hardware Token Protocols

Hardware token protocols: what are they, and what role do they play in your organization's cybersecurity? In today's article, our ethical hackers outline the most common hardware token protocols.

October 24 - Blog

Packetlabs at SecTor 2024

Packetlabs is thrilled to have been a part of SecTor 2024. Learn more about our top takeaway's from this year's Black Hat event.

September 27 - Blog

What is InfoStealer Malware and How Does It Work?

InfoStealer malware plays a key role in many cyber attacks, enabling extortion and lateral movement via stolen credentials. Learn the fundamentals about InfoStealers in this article.

Packetlabs Company Logo
    • Toronto | HQ
    • 401 Bay Street, Suite 1600
    • Toronto, Ontario, Canada
    • M5H 2Y4
    • San Francisco | HQ
    • 580 California Street, 12th floor
    • San Francisco, CA, USA
    • 94104