![]() ![]() Karl Greenberg: How do password managers protect against this, or the kind of misfortune sustained by LastPass? Especially in the past 12 to 18 months, replaying MFA (multi-factor authentication) attacks and OTP (one-time password) codes from banks has become easier and easier for attackers. Steve Won: Frankly, phishing for credentials is the easiest vector of attack. Karl Greenberg: How significant a threat is credential theft today? 1Password Chief Product Officer, Steve Won This transcript has been edited for brevity. ![]() TechRepublic interviewed Won about credential vulnerabilities, encrypted keys, vaults, and where it’s all heading. The report also found that stolen credentials accounted for 19% of breaches, costing organizations on average $4.5 million, or $150,000 more than the average cost per company of a data breach. Won sees this trend continuing, noting that IBM’s 2022 report on the cost of data breaches pointed to compromised credentials as the leading attack vector. A developer-first roadmap to credentials revolution.Not-so-long game: eliminating passwords completely.“Not easy” is not a solution for credentials. ![]() Reducing threat through less memorization.The 1-2-3 rule to avoid credential theft.LastPass can vouch for that in a dark irony, in December 2022 a threat actor stole the credentials of a LastPass DevOps engineer, granting them access to an unencrypted vault. Image: Song_about_summer/Adobe StockġPassword Chief Product Officer Steve Won says credentials theft is ubiquitous and getting worse. With phishing-based credentials theft on the rise, 1Password CPO Steve Won explains why the endgame is to 'eliminate’ passwords entirely. 1Password is looking to a password-free future. ![]()
0 Comments
Leave a Reply. |