Are password manager vulnerable to insider hacking?
As far as hacking is concerned, anything and everything is exposed to hacking. Nothing in this world is completely protected from hacking. When I say completely protected, I mean 100 % protected. Even in a secure system, it is just that the possibility to penetrate can be very less compared to the other application. That is the only possibility. When you deep dive into the system and try to understand the framework and the architecture in which a system is built, there is definitely a possibility where it can be easily hacked. Only the systems that are permanently password protected or the ones that has several layers of encoding and hashing can be a bit safer from hacking. But even then we will not be able to say that it is completely safe from hacking. It will definitely be vulnerable to hacking.
Nowadays explorations are being done to protect passwords based on real time parameters but even then when there is someone who can say the code behind it, it is still vulnerable. People are also using two factor authentications and other hashing techniques to keep the vulnerabilities to minimum. There are hackers who can challenge any session. Once I happened to attend a ethical hacker session. During the session the person hacked a social media account of one of the audience and showed the possibilities. It was quite amazing to see such things. Though it took several iterations and multiple parameters from the users, the possibility was still clear.
Password Managers
It is also purely dependent on the password manager that you choose. For the application that you use, if there are micro services running and when there is a communication between one service and another service, there is definitely a possibility for security breaches. People working on shared computers will be able to easily hack other systems in the network. Hacking possibilities are also predictable based on the access control maintained by the particular password manager. At the end of the day the actual data is stored somewhere and especially in systems that are easily accessible in a network the information can be easily tracked and shared with another remote source.
There are also systems that can predict keystrokes and patterns to decrypt an encrypted password. Any internal communication that happens inside the system are easily prone to security threats. Such internal communications should be protected so that the possibility for hacking can be greatly reduced. There were researches on this particular topic. I found the below article that briefs about the possibilities.
https://www.aalto.fi/news/password-managers-vulnerable-to-insider-hacking
Image source: Pixabay.com
Congratulations! This post has been upvoted from the communal account, @minnowsupport, by bala41288 from the Minnow Support Project. It's a witness project run by aggroed, ausbitbank, teamsteem, someguy123, neoxian, followbtcnews, and netuoso. The goal is to help Steemit grow by supporting Minnows. Please find us at the Peace, Abundance, and Liberty Network (PALnet) Discord Channel. It's a completely public and open space to all members of the Steemit community who voluntarily choose to be there.
If you would like to delegate to the Minnow Support Project you can do so by clicking on the following links: 50SP, 100SP, 250SP, 500SP, 1000SP, 5000SP.
Be sure to leave at least 50SP undelegated on your account.