If You Use iCloud Keychain, Your Passwords Are at Risk
In the past, we’ve written about the dangers of using password managers to protect your most sensitive information.
Password managers are often dubbed as a safe way to store information, but that isn’t always the case. Specifically, password managers aren’t protected from the risks of hacks.
The two of the most glaring security holes being:
- Many password managers store information in the cloud or on a server, both of which can be hacked
- Password managers require a master password, and if this password is revealed through user error, or hacks like brute force, all of your passwords will become exposed
And now, the risks of using a password manager are a reality for those who use Apple’s iCloud Keychain, which is the tech-giants version of a password manager.
The iCloud Keychain Vulnerability
In early February, a German teen by the name of Linus Henze uncovered a vulnerability affecting the latest Apple macOS, which leaves stored passwords open to malicious apps.
According to Henze, he found that he could create an app that was able to read what was in someone’s iCloud Keychain without getting permission from the victim.
Henze assumes similar malware could get onto a Mac from a malicious hacker who would hide keychain exploits in legitimate apps, making the risk increasingly scary.
Passwords commonly stored in the iCloud Keychain can include anything from banking and email credentials to passwords for retail sites like Amazon, which pose an obvious risk for consumers.
And even though it’s a Mac-only issue at the moment, if you’ve synced multiple devices across iPhones and Macs, your entire network could be at risk.
Worse yet, the fix for the bug may not come anytime soon. Henze is holding his discovery hostage from Apple because of “lack of payment for such research.” Until Apple finds a patch on their own or pays Henze for his discovery, your information will be left at risk.
It’s Time To Protect Yourself
What can you do?
It’s time to ditch password managers once and for all. Protect your sensitive information by using a password generation and regeneration tool, like EZPD.
EZPD never stores your password on a server, in the cloud, or elsewhere. And, you don’t need to access your information with a master password.
Rather, EZPD takes an innovative approach toward password protection by using a node-locking software that regenerates your password on devices with proper authority. Specifically, to regenerate a password, you’ll need a unique license file assigned to a specific device. This level of security makes it virtually impossible to hack your sensitive files.
Not only does EZPD protect your passwords, but the software also helps you create an unlimited amount of unique and complex passwords. With EZPD, you can:
- Customize the length of your password, (up to 96 characters)
- Generate passwords using symbols, characters, and case sensitivity
- Set your own parameters for what you need in a password
Why risk your most valuable information, unnecessarily? Become properly protected. Start your FREE trial with EZPD today.