paint-brush
How Password Managers Can Protect You From Phishingby@robertvrb
145 reads

How Password Managers Can Protect You From Phishing

by RobertMarch 6th, 2020
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

Phishing is a term used for the act of tricking you into providing your password or other sensitive information to an impostor. The right thing to do is to go to your bank's website and login from there. Check the URL, which is the address of the web page. Utilize your password manager if you have a password manager. Unlike humans, password managers don't fall for phishers. If you end up on a phishing website, your manager won't recognize it and it won't offer to offer to fill your credentials.

People Mentioned

Mention Thumbnail
featured image - How Password Managers Can Protect You From Phishing
Robert HackerNoon profile picture

Password managers are a convenient way to use strong, unique passwords everywhere. Another good thing about password managers is that they help protect you from malicious websites that attempt to "phish" passwords.

What is phishing?

Phishing is a term used for the act of tricking you into providing your password or other sensitive information to an impostor.

Perhaps the most common example is this: You receive an email from someone that is claiming to be your bank. It says that your bank account may be compromised and it has provided you with a link you need to click on to do something about it. Of course you want to secure your account so you click on the link and see a website that looks exactly like your bank's website. You then enter your password as well as other details the website asks for. Submitting all this information is all it takes for you to be phished.

Now, the attacker has your ban account's username and password. Because that website isn't actually the bank's website and the email you got was from a scammer.

This is why security professionals strongly suggest against clicking on links in suspicious emails. In case something like this happens, the right thing to do is to directly go to your bank's website and login from there. In a similar fashion, if someone who claims to be from your bank calls you on the phone, hang up, and dial your bank's customer service number to verify if it's a legitimate call.

These days, there's a number of ways to get phished. Here's some ways you can avoid it:

Check the URL

One easy way to spot phishing sites is to check the URL, which is the address of the web page. For example, if you have an account with Wells Fargo, then you should check that you're actually on wellsfargo.com instead of some other website.

Utilize Your Password Manager

If you have a password manager, then you already have additional protection. This applies to you if your password manager can automatically fill your credentials.

If you use your password manager to save your login credentials for your bank website, the password manager will remember it. If you somehow end up on a phishing website, your password manager won't recognize it and it won't offer to enter your credentials. Unlike humans, password managers don't fall for phishers.

Your password manager isn't gonna prompt a big warning saying the website is a scam but you will easily notice that your password manager isn't offering to fill our your credentials which it usually does.

Your password manager mainly exists to make it faster for you to enter your credentials but it also gives you a piece of mind.

When you log into your account, you no longer need to double-check the domain before typing your username and password.