If You Use iCloud Keychain, Your Passwords Are at Risk

Apple

In the past, we’ve written about the dangers of using password managers to protect your most sensitive information.

Password managers are often dubbed as a safe way to store information, but that isn’t always the case. Specifically, password managers aren’t protected from the risks of hacks.

The two of the most glaring security holes being:

  1. Many password managers store information in the cloud or on a server, both of which can be hacked
  2. Most password managers share team passwords by sending them to the team members by email.

And now, the risks of using a password manager are a reality for those who use Apple’s iCloud Keychain, which is the tech-giants version of a password manager.

The iCloud Keychain Vulnerability

In early February, a German teen by the name of Linus Henze uncovered a vulnerability affecting the latest Apple macOS, which leaves stored passwords open to malicious apps.

According to Henze, he found that he could create an app that was able to read what was in someone’s iCloud Keychain without getting permission from the victim.

Henze assumes similar malware could get onto a Mac from a malicious hacker who would hide keychain exploits in legitimate apps, making the risk increasingly scary.

Passwords commonly stored in the iCloud Keychain can include anything from banking and email credentials to passwords for retail sites like Amazon, which pose an obvious risk for consumers.

And even though it’s a Mac-only issue at the moment, if you’ve synced multiple devices across iPhones and Macs, your entire network could be at risk.

Worse yet, the fix for the bug may not come anytime soon. Henze is holding his discovery hostage from Apple because of “lack of payment for such research.”  Until Apple finds a patch on their own or pays Henze for his discovery, your information will be left at risk.

It’s Time To Protect Yourself

What can you do?

It’s time to ditch password managers once and for all. Protect your sensitive information by using a password generation and regeneration technology, like EZPD.

EZPD never stores your password on a server, in the cloud, or elsewhere. You just regenerate the same password on demand. Also, the same team members can generate and regenerate the same password. Therefore, team members can share the same passwords securely by regeneration of the team passwords instead of sending them by email.

EZPD takes an innovative approach toward password protection by regeneration of the same password on demand. This level of security makes it virtually impossible to hack your passwords.

Not only does EZPD protect your passwords, but the application also helps you create a unique and complex password.  With EZPD, you can:

  • Customize the length of your password, (up to 256 characters)
  • Generate passwords using symbols, characters, and case sensitivity
  • Set your own parameters for what you need in a password

Why risk your most valuable information, unnecessarily? Become properly protected. Sign up and start your FREE use of EZPD today.


Posted

in

Tags: