Anime_007's profile
Prodigy

Prodigy

 • 

198 Messages

 • 

5.9K Points

Thursday, February 2nd, 2023 2:05 PM

Closed

Answered

Recently password managers are being hacked

Recently we all see the news of Lastpass being hacked and vault data being stolen. Few days ago Norton Password Manager got compromised by credential stuffing attacks and if has affected for about 6,000 users of Norton. My question is how well Trend Micro's password manager is protected and secured. I know its 256 bit encryption and all that. I also use 2fa for my accounts but is it secure from credential stuffing attacks as I see no captcha method while trying to logging in. Please use re captcha method mandatorily for every login attempts. Also introduce email notification whenever the someone tries to login or someone logged in to password manager app under login activity via email.

This conversation is no longer open for comments or replies and is no longer visible to community members.

Brand User

Trend Security Expert

 • 

51 Messages

 • 

1.1K Points

1 year ago

Hi @The_Eagle_007 !

Great suggestion with the  ReCaptcha method, I will forward this to our Product and Development team.

In regards to the incident with Norton, the hackers used lists of leaked email addresses and passwords to try to gain access to accounts on different websites.

We have a dedicated team focused on the enhancement to improve our internal database access privilege flow. We will add monitoring and alerts for abnormal access in the near future. In the meantime, you can use Trend Micro Identity Protection to monitor if your email is leaked and to avoid this kind of breach.

Thanks!

(edited)

Prodigy

 • 

198 Messages

 • 

5.9K Points

@tm_mackyPlease do introduce re captcha mechanism and all the other security related protocols to safeguard the customer data. I just hope that my concern is addressed to the concerned person and proper steps are taken to ensure the security of Trend Micro Password Manager.

Brand User

Trend Security Expert

 • 

51 Messages

 • 

1.1K Points

Hi @The_Eagle_007

I want to reassure you that the security of the data belonging to our clients is extremely important to us, and we go to great lengths to secure it.

We are taking the necessary actions to ensure the security of Trend Micro Password Manager, so rest assured that we have brought your concern to the attention of the appropriate team.

We appreciate your inquiry, and if you have any additional questions, recommendations or issues, don't hesitate to reach out to us.

Thanks!

 Superstar

 • 

260 Messages

 • 

6.5K Points

1 year ago

Why not storing passwords on your personal computer on a password protected Word document?? 

Is easier, safer and on your PC. 

Prodigy

 • 

198 Messages

 • 

5.9K Points

@claudiubotezatu​ its a matter of personal choice. One can write all the passwords in a diary to be more safer. Its a matter of convenience too.

 Superstar

 • 

260 Messages

 • 

6.5K Points

@The_Eagle_007​ 

Sure, is a matter of personal choice, but is there any rationale behind it?

Storing your passwords somewhere in the cloud and being exposed to hackers (and paying for this service) versus having the passwords on your PC , in a password protected file.

Brand User

Trend Security Expert

 • 

51 Messages

 • 

1.1K Points

Hi @claudiubotezatu​ !

I just want to mention the advantage of using a password manager and why someone might choose to store their passwords in the cloud using a password manager service, rather than on their personal computer in a password-protected file.

  1. Convenience: Storing passwords in the cloud with a password manager service allows for easy access from any device with an internet connection, without the need to transfer files or manually enter passwords.

  2. Security: While password-protected files on a personal computer can still be vulnerable to hacking, a password manager service will typically have stronger security measures in place, such as encryption and two-factor authentication, to help protect against unauthorized access to your passwords.

  3. Organization: Password manager service can securely store not just passwords, but also other sensitive information such as credit card numbers and personal identification information. This can help users better organize and keep track of their sensitive information.

  4. Improved password management: Password manager can automatically generate strong, unique passwords for each of your accounts, and help you keep track of when to change them, which can be difficult to do manually.

In short, while storing passwords in a password-protected file on your personal computer may seem like a simple and cost-effective option, a cloud-based password manager service can provide added convenience, security, organization, and improved password management, making it a more attractive option for many users.

 

Hope it helps. 

Prodigy

 • 

198 Messages

 • 

5.9K Points

@tm_macky​ but the password which are generated using Trend Micro's password managers are of maximum 20 digits. It should be 30 digits at the very least. Also the special characters which are used by its password generators are few only like @$# etc. Please provide an update to it to generate more secure passwords and atleast of 30 digits. I have to use other password generators for creating my passwords. Small issue but an important one.

(edited)

Brand User

Trend Security Expert

 • 

129 Messages

 • 

2.7K Points

Hi @The_Eagle_007 


We will take note of this as part of our security enhancements for Trend Micro Password Manager.

We appreciate you writing this, as it will be beneficial to Trend Micro users. Thanks for reaching out to us.


Thanks.
-TM Chris

Need Help?

Ask the Community

Latest Tech Insights

Loading...