The problems with password hygiene are well understood to move beyond passwords, but recent recommendations to improve passwords may cause even more problems.
First, new research suggests that popular password managers, like LastPass, have major flaws that can allow attackers to remotely siphon plaintext passwords without notice. On the other hand, two Microsoft security researchers say it should be just fine to reuse simple passwords for sites with non-sensitive data.
What do security experts recommend for users who are concerned about password security?
Listen to our latest Security Slice podcast and hear Tim Erlin, Tyler Reguly and Lane Thames discuss why free password managers may be too good to be true, the best security criteria when choosing a password manager and why users may be unable to accurately rank the sensitivity of their accounts.