Skip to main content

Maybe don't use browsers to store your passwords

Cybersecurity
(Image credit: Shutterstock / song_about_summer)

In addition to practicing poor password hygiene, relying on password managers built into the web browser was another security faux pas highlighted by a recent survey.

Commissioned by access management vendor ThycoticCentrify, the survey noted that more than a third (35%) of the respondents admitted to relying on their web browser to store credentials on their personal and work devices.

"By cracking only one of those devices, an attacker can easily access all the passwords stored within the user’s browser. This makes it so much easier for an attacker to elevate privileges without being detected and gain access to the user’s email, company cloud applications, or even sensitive data,” pointed out Joseph Carson, chief security scientist and advisory CISO at ThycoticCentrify.

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window <<

Carson argued that even if a personal device is compromised, the attacker can use the authentication information stored in its web browser to analyze the user’s password habits and create all possible combinations of a password using cracking tools to eventually gain access to their well-protected corporate applications and system. 

Knowledgeable ignorance

The survey covered over 8000 knowledge workers from over a dozen countries, to get a handle on risky employee activities.

The research revealed that more than half (55%) of the respondents don’t mind connecting to a mobile hotspot even in a work-based scenario, while 32% have no qualms about connecting to public WiFi networks.

Furthermore, while 23% of the respondents have used personal devices inside their corporate network, 34% admitted to sending work documents to a personal computer.

Surprisingly an overwhelming majority (79%) chose to engage in risky behavior despite knowing the security implications of their actions. 

“When faced with a choice between productivity and cyber security employees will take the easy path and this mostly means sacrificing security,” concludes the research suggesting that businesses must strike a balance between people and technology to properly protect themselves from cyber threats.

Via The Register

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.