Cybercriminals are always looking for easy ways to hack into your network and steal your users’ credentials.
According to Verizon’s new 2020 Data Breach Investigations Report, attackers are increasingly successful using a combo of phishing and malware to steal these credentials. In fact, Password Dumpers takes the top malware spot making it easy for the bad guys to find and “dump” any passwords your users save in web browsers.
Once hackers gain access, they can steal usernames and passwords to any accounts saved in browsers. With 50% of employees using the same password for work and personal accounts, this makes the risk of credential theft and account takeovers even greater!
Find out now if browser-saved passwords are putting your organization at risk!
KnowBe4’s Browser Password Inspector (BPI) is a new and complimentary IT security tool that allows you to analyze your organization’s risk associated with weak, reused, and old passwords your users save in Chrome, Firefox, and Edge web browsers. BPI inspects all available user machines on your network and identifies your at-risk users by scanning and searching for passwords saved in the browser. BPI then generates a detailed report on user accounts affected to show your organization’s vulnerability to credential theft, account takeovers, or falling victim to a data breach.
“Saving often-used passwords in a browser may seem convenient, but users should think twice before doing this because the bad guys can go after them, leaving an organization more vulnerable to cyber attacks,” said Stu Sjouwerman, CEO, KnowBe4. “This new tool will help you to stop the bad guys from finding and dumping passwords that they find in employees’ web browsers. IT admins can quickly identify password security vulnerabilities in Chrome, Firefox and Edge web browsers and examine browser-saved credentials of your organization’s Active Directory.”
When 80% of hacking-related breaches involve the use of stolen credentials, you can use BPI to better manage and strengthen password security as part of your organization’s overall password hygiene policies and security awareness training efforts.