Password managers are a good way to reduce human error in handling what is still the primary method of authentication for accessing websites and Internet services where we are registered. This type of software automates the password generation process and meets standard standards for size, complexity and variety.

In addition, they improve the convenience of the user, because he only has to remember the master password, and the manager takes care of the rest of the work. They also help against attacks phishing by immediately identifying characters from other alphabets. So far, everything seems to be a plus. But, What if password managers themselves are compromised? “Houston we have a problem”.

One of the worst cyber security incidents of 2022 was LastPass. It is one of the most popular managers and for this reason it is a frequent source of cyber attacks. Last August was worse than reported at the time. The attackers managed to gain access to personal information and other related metadata, and also stole source code and technical information from the service.

Norton Password Manager, another with problems

Gen Digital, which includes security companies such as Symantec Corporation and NortonLifeLock, is sending an alert to its customers that unknown hackers have successfully breached Norton Password Manager accounts in credential stuffing attacks. This type of attack is simple and involves using credentials obtained from a data breach of a large service to attempt to login to another unrelated service.

Specifically, the alert explains that around December 1, 2022, an attacker attempted to log into Norton customer accounts using username/password pairs purchased on the dark web. The company found out “unusually large volume” of failed login attempts on December 12, 2022, indicating credential stuffing attacks where cybercriminals test credentials en masse. By the end of the year, the company completed its internal investigation and revealed that the attack successfully compromised an undisclosed number of accounts customers.

It should be said that the attacks were not the result of Norton’s breach and its general services were not compromised. However, the attackers obtained the first name, last name, phone number and postal address of the compromised accounts. And what’s worse, they could get in details stored in private vaults.

The company says it has reset Norton passwords for Norton Password Manager on affected accounts to prevent attackers from accessing them in the future, has implemented additional measures against future attacks, and is advising customers to enable two-factor authentication to protect your accounts.

We must insist on the obvious that the capacity of these administrators is higher than that of human management and also more convenient, but they are not infallible. The most popular options in password managers are commercial and/or paid web services that require you to trust them to give them the keys to your digital home, so we’d always bet on an open source password manager when using them. , which offer the possibility of auditing the software and, above all, keeping login data under your own control.

And if you don’t want to use these managers, we recommend you follow this Password Management Best Practices Guide. A terrible method in terms of both security and usability, but until more advanced methods are consolidated, which must come from biometric identification, we will have to continue using them. As a final tip: enable two-factor authentication in all the services you use. The vast majority already offer this and it’s a good way to improve security.