Password manager hacked

Description

A strong password is always recommended to keep the accounts safe from hackers. Still, there are many software techniques in the industry to hack the password and use it against the owner. As the world is digitalized, crimes also getting smarter to acquire our wealth. In case, if the passwordr manag is hacked, the following ideas might be helpful in overcoming the situation.

Mitigation Ideas

Have back-up of all stored passwords.
Keep the high-profile passwords securely and don't save them in the password manager.
If cloud services are in use, then use self hosted backup.
Use a company hosted password manager (Bitwarden)and force 2FA as one of the factor.
User should use 2FA wherever possible.

Response Plan

Plan to change the password periodically.
Inform all employee who will be affected by this disruption.
Use back up to reset passwords of all account.

Responder Team

In order to find the solution/ to know in details about the risk that has happened, responder team is one to be communicated first.

First Responder Team

The employee whose credential has be hacked, should first inform the details to the Team. So that, the action to stop the intruder can be taken care.

Point of contact: Rily

Second Responder Team

Point of contact:

DevOps
System Admin

PreviousKeyloggers, access to NEX deployment NextSONs active keys exposed in configuration

Last updated 2 years ago