The problems with password hygiene are well understood to move beyond passwords, but recent recommendations to improve passwords may cause even more problems.
First, new research suggests that popular password managers, like LastPass, have major flaws that can allow attackers to remotely siphon plaintext passwords without notice. On the other hand, two Microsoft security researchers say it should be just fine to reuse simple passwords for sites with non-sensitive data.
What do security experts recommend for users who are concerned about password security?
Listen to our latest Security Slice podcast and hear Tim Erlin, Tyler Reguly and Lane Thames discuss why free password managers may be too good to be true, the best security criteria when choosing a password manager, and why users may be unable to accurately rank the sensitivity of their accounts.