
Norton Password Manager: another password manager with problems?

Password managers are a good way to reduce human error in handling what is still the main authentication method for the web pages and Internet services where we are registered. This type of software automates password generation, following the usual rules for length, complexity and variety.

In addition, they are more convenient for users, who only need to remember a master password while the manager does the rest of the work. They also help against phishing attacks by immediately identifying characters from other alphabets. So far everything seems to be an advantage. But what if the password managers themselves are compromised? "Houston, we have a problem".

One of the worst cybersecurity incidents of 2022 was the one at LastPass. It is one of the most popular managers, and for this reason it has been a frequent target of cyberattacks. The latest, in August, was worse than what was reported at the time. The attackers managed to access personal information and other related metadata, and also stole source code and technical information from the service.

Norton Password Manager, another one with problems

Gen Digital, which includes security companies such as Symantec Corporation and NortonLifeLock, is sending notifications to its customers that unknown hackers have successfully breached Norton Password Manager accounts in credential stuffing attacks. This type of attack is simple: it involves using credentials obtained from a data breach at one large service to try to log in to another, unrelated service.

More specifically, the advisory explains that around December 1, 2022, an attacker used username/password pairs purchased from the dark web to attempt to log into Norton customer accounts. The company detected "an unusually large volume" of failed login attempts on December 12, 2022, indicating credential stuffing attacks where cybercriminals test credentials en masse. By the end of the year the company had completed its internal investigation, revealing that the attack had successfully compromised an undisclosed number of customer accounts.
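The detection signal described above (a burst of failed logins across many accounts) can be turned into a simple check. This is an added example, not code from Norton or from this article; the event format, thresholds and sample log entries are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events: (ISO timestamp, source IP, username, login succeeded)
SAMPLE_EVENTS = [
    ("2022-12-12T03:00:01", "198.51.100.7", "alice", False),
    ("2022-12-12T03:00:02", "198.51.100.7", "bob", False),
    ("2022-12-12T03:00:03", "198.51.100.7", "carol", True),
    ("2022-12-12T03:00:04", "198.51.100.7", "dave", False),
    ("2022-12-12T03:00:05", "198.51.100.7", "erin", False),
    ("2022-12-12T03:00:06", "198.51.100.7", "frank", False),
    # A legitimate user mistyping a password: one account, then success.
    ("2022-12-12T03:01:00", "203.0.113.20", "grace", False),
    ("2022-12-12T03:01:10", "203.0.113.20", "grace", False),
    ("2022-12-12T03:01:30", "203.0.113.20", "grace", True),
]

def detect_stuffing(events, window=timedelta(minutes=10),
                    min_accounts=5, min_fail_ratio=0.75):
    """Flag sources that try many distinct accounts, mostly failing, within
    one time window. Thresholds are assumed values, to be tuned per service.
    Returns {ip: {"accounts_tried": int, "needs_reset": [usernames]}}."""
    by_ip = defaultdict(list)
    for ts, ip, user, ok in events:
        by_ip[ip].append((datetime.fromisoformat(ts), user, ok))

    flagged = {}
    for ip, rows in by_ip.items():
        rows.sort()
        start = 0
        for end in range(len(rows)):
            # Slide the window start forward until it spans <= `window`.
            while rows[end][0] - rows[start][0] > window:
                start += 1
            span = rows[start:end + 1]
            users = {u for _, u, _ in span}
            fails = sum(1 for _, _, ok in span if not ok)
            if len(users) >= min_accounts and fails / len(span) >= min_fail_ratio:
                # A success from a flagged source means a reused password worked.
                hits = sorted({u for _, u, ok in rows if ok})
                flagged[ip] = {"accounts_tried": len({u for _, u, _ in rows}),
                               "needs_reset": hits}
                break
    return flagged

if __name__ == "__main__":
    print(detect_stuffing(SAMPLE_EVENTS))
```

Accounts listed under `needs_reset` are the ones where a forced password reset applies; a service-wide failed-login rate alarm complements this per-source view.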

It must be said that the attacks were not the result of a Norton breach and its general services were not compromised. However, the attackers obtained the first name, last name, telephone number and mailing address of the compromised accounts. Even worse, they could have obtained details stored in private vaults.

The company says it has reset Norton passwords on affected accounts to prevent attackers from gaining access to them in the future, has implemented additional measures to counter future attacks, and advises customers to enable two-factor authentication to protect their accounts.

Password managers

We must insist on the obvious: these managers handle passwords better than humans do, and more conveniently, but they are not infallible. The best-known password managers are commercial and/or paid web services, which require you to trust them with the keys to your digital home. For that reason we would always bet on open-source password managers, which offer the possibility of auditing the software and, above all, of keeping the credentials under your own control.

And if you don't want to use these managers, we recommend you follow this Guide to good practices for managing passwords. Passwords are a horrible method in terms of both security and usability, but until more advanced methods, which will have to come from biometric identification, are consolidated, we will have to continue using them. As final advice: enable two-factor authentication in all the services you use. The vast majority already offer it and it is a good way to improve security.
