Security News > 2023 > January > S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]

S3 Ep118: Guess your password? No need if it’s stolen already! [Audio + Text]
2023-01-19 19:53

Guess your password? Crack your password? Steal your password? What if the crooks already have one of your passwords, and can use it to figure out all your others as well?

I guess, in the light of recent disclosures by LastPass where password databases were stolen but the passwords were encrypted.

"DUCK. Yes, because if the crooks can sneak some malware into the background that can peek into memory while your server is running, they may be able to sniff out,"Whoa"! That looks like a credit card number; that looks like the password field!".

"Oh, I know what I'll do, I'll choose a really complicated password, and I'll sit down and I'll memorize X38/=?..., so I've got a complicated password - the crooks will never guess it, so I only have to remember that one."

"Instead of remembering it as the master password for a password manager, which is a hassle I don't need, I'll just add -fb for Facebook, -tt for Tik Tok, -tw for Twitter, and that way, literally, I will have a different password for every website."

If your password has complicated-bit dash two-letters, they can probably then guess your other passwords.


News URL

https://nakedsecurity.sophos.com/2023/01/19/s3-ep118-guess-your-password-no-need-if-its-stolen-already-audio-text/

#S3