By Robert Davis, Network and Systems Engineer, Nerd Crossing
Apple is getting in on password management for the big bucks — and to make password security an actual priority for customers. However, today’s in-browser password managers are still insecure.
Why? It’s simple — if you’re not prompted to provide a secret to verify your identity, then that means it’s available to anyone who is on your device during a given session.
My other tips include never providing admin access to your personal password manager, not saving passwords in your browser, and using a strong complicated password for all accounts.
As for *online* passwords password manager solutions, those accounts definitely benefit from rotation as websites have their password databases leaked regularly.
Though they are encrypted, once leaked hackers will start to brute force the weakest passwords first, and if they are still current, gain access.