Authored by: PlexTrac Author Posted on: October 17, 2019 What is a Password Vault? So what is a password vault, and how does it help? These services act as a secure repository for all your credentials. Generally, they operate as plug-in to your web browser or a separate application on your mobile device. You sign in to your vault using a single password – and this is the only password you must remember. When you navigate to a site requiring a login, the password vault can usually auto-fill your credentials. Most will recognize when you enter credentials that are not already stored in the vault – then offer to add them for future use with a single click. When creating a new password, most will generate a very complex and very long password for you and store it automatically. By making the generation and storage of strong passwords easy, these programs eliminate the human tendencies that incentivize weak passwords and password re-use. As a general rule of thumb, sharing passwords is a bad idea because it makes attribution difficult. If more than one person is using the same credentials, how do we know who to blame if the account is used inappropriately? But in the real world, there are times when we need to share passwords both in our personal and professional lives. Family and Enterprise versions of password vaults enable you to easily share passwords. You can also designate an emergency contact, who can apply to receive access to all your credentials (shared and non-shared) in the event you are incapacitated. A few years ago, my father passed away and I was named the executor. I spent countless hours in that first hectic week simply gaining access to the accounts needed to make final arrangements. I sleep much more soundly at night knowing that when the inevitable happens, my loved ones will not have to endure the same experience. Most of these applications can store much more than just usernames and passwords. Securely store family social security numbers, bank account numbers, home alarm safe words, or just about anything else. Some, such as LastPass, allow you to securely store documents such as birth and marriage certificates. PlexTrac Author At PlexTrac, we bring together insights from a diverse range of voices. Our blog features contributions from industry experts, ethical hackers, CTOs, influencers, and PlexTrac team members—all sharing valuable perspectives on cybersecurity, pentesting, and risk management.
From Risk to Resilience: 5 Steps to Speed Remediation and Protect Your Organization Security teams have one main goal: Avoid breaches. For anyone that works in security, you know this is easier said than done. With an influx of findings and risks coming at you from multiple sources, it can be daunting and time consuming trying to figure out what to fix first. We often see organizations making... READ ARTICLE
How Do I Pentest My LLM? In the world of cybersecurity, AI is the perpetual topic du jour, and more specifically Generative AI. The use of LLMs for all kinds of use cases is the craze and the AI ecosystem continues to move at a rapid pace. When it comes to pentesting, the job of every tester is to keep up... READ ARTICLE
What FedRAMP’s New Vulnerability Management Standard Means for Pentesters and Vuln Managers Breaking Down the New RFC-0012 Standard Under FedRAMP and How It Can Change Your Daily Security Operations If you work in vulnerability management or penetration testing for cloud systems under FedRAMP, buckle up because the new RFC-0012: FedRAMP Continuous Vulnerability Management Standard is going to change how your work is scoped, tracked, and prioritized. The... READ ARTICLE