Recently Foregenix released a blog post about the recent breach at OneLogin. Many of us use a password manager to keep track of the numerous passwords we have for specific accounts. This way, we only need to remember our master password and the password keeper does the rest for us!
There are many password managers out there: some are local and store the data on your system's hard drive, and others are cloud-based. One major advantage of a cloud-based solution is that you can access your passwords from anywhere at any time. The disadvantage, however, is that your passwords are stored in the cloud and can be susceptible to attackers, even with all the security protocols and procedures put in place by the organisations that provide this type of software.
For more information on the breach at OneLogin, please read our blog here at Foregenix.
If you have used OneLogin as a password manager, OneLogin asks everyone who is using their services to take the following three steps:

1. Reset the master password.
2. Create new certificates and security credentials for all websites and applications.
3. Delete any passwords or private information stored in OneLogin’s secure notes.

From our experience, we advise our clients that it is far more secure to have a database filled with many long, complex and strong generated passwords than to use one easy-to-remember password or different small, easy-to-remember passwords. The reason is that, as technology advances, hackers can use their available computing power to guess poorly created passwords with extreme speed and ease. The master password itself, however, should be a password which is hard to guess.