Almost half of enterprise apps don't handle credentials securely
A new report from Orchid Security shows nearly half of enterprise applications violate basic credential-handling guidance, with 44 percent undermining centralized identity provider (IdP) policies and 40 percent falling short of widely accepted identity-control standards.
Orchid analyzed authentication flows and authorization practices embedded deep within enterprise applications and finds clear-text credentials in nearly half. These are normally associated with alternative access flows, often for non-human accounts, but they also present an easy target for threat actors seeking entry or lateral movement.
Google Password Manager gains new features on desktop and mobile
Today, Google Password Manager, known for its ability to generate and autofill unique passwords, is introducing five new features designed to enhance security, provide helpful functionality, and ensure ease of use. The features vary from platform to platform, with some being new for desktop, while others being new to iOS.
Google Password Manager now boasts a dedicated home within Chrome on desktop platforms, providing users with a centralized location to review all saved online credentials and manage password settings. Users can easily access this feature by clicking on "Password Manager" in the Chrome menu or by selecting "Manage passwords" when prompted by Chrome to autofill a saved password. Additionally, a desktop shortcut for Google Password Manager can now be created for even quicker access.