Why you should not use password managers
With the recent hacking of both LastPass (3rd time) and Norton Password Manager in just the past 2 weeks, you may want to think twice about using a software password manager.
Users of LastPass were notified that the breach included usernames, email addresses, and passwords. Several million passwords were also stolen in the breach as well.
Password managers are often praised for their convenience, but several security flaws make them vulnerable to hackers. LastPass has experienced three major security breaches. The first incident involved the theft of email addresses and hashed passwords from their website in 2015.
The second incident happened earlier this year when the hacker gained access to the servers that stored user credentials and passwords. Following the security breach, the stolen data was posted for sale on the dark web for $50,000. And just last week LastPass was hacked once again.
This time they announced that nearly five million customer credentials were stolen including usernames, email addresses, and passwords that were stored in their system.
Although using password managers may seem like a good idea at first, there are several security risks you should be aware of before using them.
First, let’s take a look at some of the security features found in a password manager and how they make them vulnerable.
> Single point failure – When something goes wrong with the password manager, all of your accounts and login information could be compromised. Because of this, cybercriminals can easily gain access to your accounts and personal information. The breach at LastPass is a perfect example of this.
> Since everything is stored in one place, a single point of failure means that if your data is stored on the servers of the password manager’s company then any hack into those servers means all of the user’s accounts are in danger. This means that the username and password of all your users can be accessed.
For example, if a hacker gets access to a database that contains your login credentials they will instantly have access to all your users’ accounts including your own! This happened to Dropbox when a hacker accessed the user database back in 2012. This caused the company to lose almost 68 million users at the time.
When you use a password manager all of your passwords are stored in a single place which means if a data breach occurs all the information stored in that database can be accessed. This can lead to identity theft since hackers can get access to all the user credentials stored in the database.
Password managers are not very safe. .They contain many security vulnerabilities which make them unsafe to store your passwords in.. Password managers use encryption to protect users’ passwords and sensitive data but it is quite easy to crack this encryption so hackers can still get access to this information if they want to. This leaves users at risk because all their data is stored on the companies’ servers and if the server is hacked into it means that all users’ private information is exposed.
Old school is best. Using a pen and paper to store your passwords is safer than using a password manager and it’s a lot more secure than using an app or website to store your passwords.