This is why we still recommend using a password manager, no matter what. if you use the same password for that website as you do for your email account, that person could then access your email account and use it to gain access to your other accounts. That’s not ideal, but it’s not the worst thing that could happen. If an advertiser did capture your password on a website, the worst someone with that data could do is sign into that website. Advertisers are currently just using this technique to capture usernames and email addresses, but there’s nothing stopping them from capturing passwords as well, if one was in a particularly nefarious mood someday. It’s not just a theoretical attack-it’s actually being used by advertisers on 1110 of the top one million websites today, according to Freedom to Tinker. This problem demonstrates the importance of using unique passwords on every website. RELATED: Why You Should Use a Password Manager, and How to Get Started You Need Unique Passwords Everywhere, So Password Managers Are Still Essential This demonstration site doesn’t currently show any problem if you use LastPass, but anything that automatically fills usernames and passwords with no user intervention-LastPass included-is theoretically vulnerable. Continue, and it will be autofilled in the background, with the script capturing the email address and password. Fill in a fake email address and password, and you’ll be prompted to save it in your browser’s password manager. You can see this problem for yourself by visiting this demonstration page.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |