Using a password manager is useful to store all the keys there. Basically it is a program that you enter with a master password and save all the others, such as to enter the mail, Facebook or any other platform. The problem comes when that application has a vulnerability or has leaked everything you have stored. That is what seems to have happened with the Norton Key Manager.
Leaking passwords in NortonLifeLock
Norton is known to be a good antivirus to protect our systems. But beyond that, it also has other applications such as its NortonLifeLock password manager. Now it has notified its customers saying that they have had a security breach. They ensure that the attacks have been against user accounts and not against the system.
Based on the information they have provided, an attacker may have been able to access a user’s account and use their credentials and passwords to gain entry. Specifically, in the message they have sent, they indicate that their own systems have not been compromised, but that they firmly believe that an unauthorized third party has used the user’s name and password to enter.
This happened at the beginning of December 2022, a little over a month ago. They would have used usernames and passwords purchased from the Dark Web. From Norton they saw an unusual increase in failed login attempts. Basically, attackers started using those credentials obtained from the Dark Web to try their luck.
They do not know exactly the number of accounts they have been able to access, but they acknowledge that this has happened. In the warning they indicate that they have been able to obtain names of their clients, telephone numbers or addresses.
Does this mean that your NortonLifeLock account has been broken into and all your passwords have been stolen? No, unless you use a key that has previously been leaked. For example, if you use a password that you have previously used somewhere else, such as an Internet forum or a social network, you are at greater risk. If the key you use is unique, random, and hasn’t been pre-leaked, you shouldn’t have any problems.
What to do to avoid problems
From Norton they recommend that their clients enable two-step authentication as a protection measure. This way, even if they manage to steal the password they would need something else to get in. They would need a code that will reach you by SMS, for example. It is an extra barrier of protection.
Another very important point is that you change the Norton key manager master password . Use one that is totally new, random, that does not have your name or anything that relates to you. It is essential that you have not used it previously. Only then will you be protected and you will be using a secure password.
What would a good password look like? Note that it must have letters (both uppercase and lowercase), numbers, and other special symbols. Make sure it’s a good length, as each additional letter or number you put in is going to make it more secure. A good key is one that you find difficult to memorize.
In short, if you use the Norton password manager they have been able to enter your account. We recommend that you take steps as soon as possible to improve safety and security. Be sure to always check your accounts and check for leaked passwords.