KnowBe4, a provider of one of the world’s largest security awareness training and simulated phishing platforms, recently announced it has launched a new, complimentary tool called the Browser Password Inspector to help better protect organisations from ransomware attacks, credential theft and account takeovers.
The issue with saving passwords in browsers is that many users are reusing the same passwords for work and personal accounts, which puts organisations at a higher risk. The 2018 Global Password Security Report found that 50% of users have the same passwords for both personal and work accounts.
The new Browser Password Inspector inspects all available user machines on an organisation’s network and identifies their at-risk users by scanning and searching for passwords saved in the browser. Password Browser Inspector also checks to see if users are using known weak passwords, old passwords or using the same password across multiple sites. Browser Password Inspector then generates a detailed but secure report on the user accounts affected to show the organisation’s vulnerability to credential theft, account takeovers, falling victim to a data breach or a network-wide ransomware infection.
“Saving often-used passwords in a browser may seem convenient, but users should think twice before doing this because the bad guys can go after them, leaving an organisation more vulnerable to cyberattacks,” said Stu Sjouwerman, CEO, KnowBe4. “This new tool will help you to stop the bad guys from finding and dumping passwords that they find in employees’ web browsers. IT admins can quickly identify password security vulnerabilities in Chrome, Firefox and Edge web browsers and examine browser-saved credentials of your organisation’s Active Directory.”