Identity at the Center Identity At The Center #43 - Passwords and Phishing in the COVID Era
May 11, 2020
A deep dive into the world of passwords reveals their outdated and insecure nature. With insights on password managers and the push for MFA, the conversation emphasizes the need for better security practices. The rise of phishing threats during the pandemic raises alarms, highlighting the importance of vigilance against scam emails. Plus, as remote work flourishes, discussions on the balance between convenience and security challenges unfold. Finally, they touch on the job market for identity professionals and offer advice for newcomers.
AI Snips
Chapters
Transcript
Episode notes
Risk-Based Password Management
- Use a risk-based approach to passwords and protect critical accounts with unique passwords or MFA.
- Reserve reused or simple passwords for low-value, infrequently used sites and avoid storing payment info there.
Passwords Are Inherently Fragile
- Passwords are fundamentally insecure and often get cracked once hashes leak, so unique passwords are essential.
- Passwordless methods are growing fast but will shift authentication to other user-held secrets or devices.
Choosing A Cross-Device Password Manager
- Jeff uses LastPass across macOS, Windows and iOS to manage random passwords and ease cross-device login.
- He switched as his work demanded many ecosystems and needed an accessible password manager solution.