Security News

5 password managers built for teams We may be compensated by vendors who appear on this page through methods such as affiliate links or sponsored partnerships. I have a shortlist of password managers that are perfectly at home being used by teams.

5 password manager deals you don't want to miss. There are many great password managers on the market, but unless you happen to be lucky and are shopping at the right time, you might wind up paying a pretty penny for some of the best options.

One of the biggest beasts in the password management world, LastPass, is being spun out from parent LogMeIn as a "Standalone cloud security" organisation. "The success we've seen across the entire LogMeIn portfolio over the last 18 months proves there is a vast growth opportunity ahead for both LastPass and LogMeIn," said Andrew Kowal, a partner at Francisco Partners.

A report released Monday by security advice site Security.org looks at why people rely on password managers. In a survey of 1,077 American adults conducted in November, Security.org asked people about their experience with cybercrime, how they track their passwords and their views of password managers.

Password managers are a near-defacto standard for organizations, with 86% reporting they are being put to use, according to a Bitwarden survey of over 400 U.S. IT decision makers across a wide range of industries. This reflects a 9% increase in the use of password managers over the past year.

A new campaign is prying apart a known security vulnerability in the Zoho ManageEngine ADSelfService Plus password manager, researchers warned over the weekend. The threat actors have managed to exploit the Zoho weakness in at least nine global entities across critical sectors so far, deploying the Godzilla webshell and exfiltrating data.

Password managers are a good way to keep your passwords unique, strong and safe. A password manager is still the best way that balances convenience and security-with a heavy tilt toward security.

A critical security vulnerability in the Zoho ManageEngine ADSelfService Plus platform could allow remote attackers to bypass authentication and have free rein across users' Active Directory and cloud accounts. The Zoho ManageEngine ADSelfService Plus is a self-service password management and single sign-on solution for AD and cloud apps, meaning that any cyberattacker able to take control of the platform would have multiple pivot points into both mission-critical apps and other parts of the corporate network via AD. It is, in other words, a powerful, highly privileged application which can act as a convenient point-of-entry to areas deep inside an enterprise's footprint for both users and attackers alike.

A vulnerability in the Kaspersky Password Manager resulted in the created passwords being weak enough to allow an attacker to brute-force them in seconds, a security researcher claims. Developed by Russian security firm Kaspersky, the Kaspersky Password Manager allows users not only to securely store passwords and documents, but also to generate passwords when needed.

Last year, Kaspersky Password Manager users got an alert telling them to update their weaker passwords. Three months later, a team from security consultancy Donjon found that KPM didn't manage either task particularly well - the software used a pseudo-random number generator that was insufficiently random to create strong passwords.