Authored by: PlexTrac Author Posted on: October 17, 2019 What is a Password Vault? So what is a password vault, and how does it help? These services act as a secure repository for all your credentials. Generally, they operate as plug-in to your web browser or a separate application on your mobile device. You sign in to your vault using a single password – and this is the only password you must remember. When you navigate to a site requiring a login, the password vault can usually auto-fill your credentials. Most will recognize when you enter credentials that are not already stored in the vault – then offer to add them for future use with a single click. When creating a new password, most will generate a very complex and very long password for you and store it automatically. By making the generation and storage of strong passwords easy, these programs eliminate the human tendencies that incentivize weak passwords and password re-use. As a general rule of thumb, sharing passwords is a bad idea because it makes attribution difficult. If more than one person is using the same credentials, how do we know who to blame if the account is used inappropriately? But in the real world, there are times when we need to share passwords both in our personal and professional lives. Family and Enterprise versions of password vaults enable you to easily share passwords. You can also designate an emergency contact, who can apply to receive access to all your credentials (shared and non-shared) in the event you are incapacitated. A few years ago, my father passed away and I was named the executor. I spent countless hours in that first hectic week simply gaining access to the accounts needed to make final arrangements. I sleep much more soundly at night knowing that when the inevitable happens, my loved ones will not have to endure the same experience. Most of these applications can store much more than just usernames and passwords. Securely store family social security numbers, bank account numbers, home alarm safe words, or just about anything else. Some, such as LastPass, allow you to securely store documents such as birth and marriage certificates. PlexTrac Author At PlexTrac, we bring together insights from a diverse range of voices. Our blog features contributions from industry experts, ethical hackers, CTOs, influencers, and PlexTrac team members—all sharing valuable perspectives on cybersecurity, pentesting, and risk management.
Building a Continuous Purple Teaming Program with Paul Nieto III On a recent PlexTrac Friends Friday Podcast, our founder, Daniel DeCloss, sat down with Paul Nieto III, a seasoned red team operator at Royal Caribbean, to unpack how his organization built and scaled a purple teaming program that runs continuously, not just once a year. READ ARTICLE
PlexTrac Named in the Gartner® Magic Quadrant™ for Exposure Assessment Platforms Today I’m excited to share that PlexTrac has been named as a Niche Player in the latest Gartner Magic Quadrant for Exposure Assessment Platforms (EAP). I couldn’t be prouder of our team for this recognition. I wanted to share why this is important for PlexTrac and our customers, as well as why we believe this... READ ARTICLE
Friends Friday Recap: How AI Is Reshaping Offensive Security And Why Humans Still Matter The latest PlexTrac Friends Friday podcast episode brought together host Dan DeCloss, PlexTrac’s founder and CEO, and returning guest Rey Bango, a seasoned penetration tester and educator from a Fortune 100 telecommunication company. Dan and Rey revisited a topic from their last podcast episode, over 18 months ago, on how artificial intelligence is reshaping offensive... READ ARTICLE