Category: password manager

Google, the pioneering service that originated with Gmail and marked its 20th anniversary on April 1st, 2024, has unveiled a new feature named ‘Password Manager.’ This service allows users to seamlessly transfer their passwords from their mobile devices to other devices or online login accounts.

While this new feature offers undeniable convenience, experts are sounding alarms about potential security risks. The transfer of passwords via CSV files poses a significant threat as these files can be accessed by unauthorized individuals, potentially enabling hackers to exploit them with minimal interception knowledge. Furthermore, there’s a concern that applications with permission to view or modify files on the device could tamper with the transferred passwords.

In response to these security concerns, Google has implemented a mandatory step requiring users to input their login password. However, this measure alone may not be sufficient to instill trust among users, especially considering the risks of password guessing or brute force attacks.

Despite these drawbacks, there are several advantages to utilizing this feature. Importing and exporting passwords becomes incredibly convenient for users, and the service includes a built-in de-duplication process for credentials.

Accessing this new service is straightforward. For Android users, simply navigate to the settings tab on your device, access Google services, then tap on ‘Manage your Google Account,’ followed by ‘Security,’ and finally, the ‘Password Manager‘ service.

For those preferring browser access, visit passwords.google.com and follow the provided guidelines to access the service securely.

Users should exercise caution when downloading CSV files and refrain from opening files from unknown senders to mitigate potential risks.

While features like data encryption and password protection are still evolving in this realm, recent efforts have extended these security measures beyond the Chrome ecosystem to other browsing platforms.

The post Google new Password Manager raises security concerns appeared first on Cybersecurity Insiders.

Carole's in her sick bed, which leaves Graham in charge of the good ship "Smashing Security" as it navigates the choppy seas of credential stuffing and avoids the swirling waters of apps being sloppy with sensitive information. Find out more in this latest edition of the "Smashing Security" podcast, hosted by Graham Cluley with special guest BJ Mendelson.

As threats to technology and private information become more frequent, the President of the United States and Congress have proclaimed October to be Cybersecurity Awareness Month. This initiative aims to assist people in protecting themselves online. Government and business are working together to increase cybersecurity awareness on a national and worldwide level under the direction […]… Read More

The post See Yourself in Cyber: 4 Steps to Stay Safe appeared first on The State of Security.

LastPass, the popular password manager used by millions of people around the world, has announced that it suffered a security breach two weeks ago that saw attackers break into its systems and steal information. But don’t panic just yet – that doesn’t mean that all of your passwords are now in the hands of internet […]… Read More

The post LastPass attackers steal source code, no evidence users’ passwords compromised appeared first on The State of Security.