Jump to content
Login with your Gmail HERE and start posting in seconds! ×
Don't just read! Be part of the Community! Join the conversation ×

Using Windows 10 password manager? uh-oh!

bendejo

By bendejo
in IT and Computers

 Share

Recommended Posts

473geo Ruby Member

473geo

Posted
Posted

Would not wish to use a password manager anyway, non critical apps I use the saved password feature, never even use this for anything important.

lopburi3 Legendary Member

lopburi3

Posted
Posted

Gutter press - no indication of what versions (some) of Windows10 had this extension, when it happened or how to check for it (easy) or the fact that it was patched within 24 hours and there were no reports of any password loss.  

RichCor Platinum Member

RichCor

Posted
Posted

I'd never heard of this third-party application, and certainly never expected it to be bundled with a Windows 10 install image. From the new feeds I've glanced over, while the app is available in the Microsoft Store it isn't normally bundled with Windows.

473geo Ruby Member

473geo

Posted
Posted (edited)

Well there is a password management tool in the recent update I received, as I said do not use it.

Or perhaps it is trying to direct me to the tool but it is offered

Edited by 473geo
lopburi3 Legendary Member

lopburi3

Posted
Posted
8 minutes ago, 473geo said:

Well there is a password management tool in the recent update I received, as I said do not use it.

Or perhaps it is trying to direct me to the tool but it is offered

Where?  I just installed 1709 a few hours ago and the default Edge browser turned off my Last Pass but offered to allow to turn back on which I did.  Perhaps if you had none that browser would offer a system (as is the case for all current browsers).  But that is a browser extension so if you do not use the browser you will not be using it even if turned on in the browser.

lopburi3 Legendary Member

lopburi3

Posted
Posted (edited)

What did you click on to get that menu?  

 

Did a search using "change your password" but get a different menu from settings - but this seems to be for Network/Microsoft and such - not for general account passwords from other sources (such as banks/insurance and such).

Edited by lopburi3
RichCor Platinum Member

RichCor

Posted
Posted

The articles that are referencing this issue usually state:

 

"Starting from Windows 10 Anniversary Update (Version 1607), Microsoft added a new feature called Content Delivery Manager that silently installs new "suggested apps" without asking for users’ permission."

 

"Google Project Zero researcher Tavis Ormandy said he found a pre-installed famous password manager, called "Keeper," on his freshly installed Windows 10 system which he downloaded directly from the Microsoft Developer Network."

 

So not everyone will have this, but having apps silently installed (just because they're suggested) by the OS from the Microsoft Store seems to be the secondary issue being buried.

jenny2017 Advanced Member

jenny2017

Posted
Posted
18 hours ago, RichCor said:

The articles that are referencing this issue usually state:

 

"Starting from Windows 10 Anniversary Update (Version 1607), Microsoft added a new feature called Content Delivery Manager that silently installs new "suggested apps" without asking for users’ permission."

 

"Google Project Zero researcher Tavis Ormandy said he found a pre-installed famous password manager, called "Keeper," on his freshly installed Windows 10 system which he downloaded directly from the Microsoft Developer Network."

 

So not everyone will have this, but having apps silently installed (just because they're suggested) by the OS from the Microsoft Store seems to be the secondary issue being buried.

May I add..

 

  There's a good reason why security analysts get nervous about bundled third-party software: it can introduce vulnerabilities that the companies can't control. And Microsoft, unfortunately, has learned that the hard way. Google researcher Tavis Ormandy discovered that a Windows 10 image came bundled with a third-party password manager, Keeper, which came with a glaring browser plugin flaw -- a malicious website could steal passwords. 

 

https://www.engadget.com/2017/12/16/windows-10-bundled-password-manager-had-security-flaw/

wpcoe Platinum Member

wpcoe

Posted
Posted
On 12/18/2017 at 6:51 PM, 473geo said:

Well there is a password management tool in the recent update I received, as I said do not use it.

Or perhaps it is trying to direct me to the tool but it is offered

 

On 12/18/2017 at 7:05 PM, lopburi3 said:

Where?  I just installed 1709 a few hours ago and the default Edge browser turned off my Last Pass but offered to allow to turn back on which I did.  Perhaps if you had none that browser would offer a system (as is the case for all current browsers).  But that is a browser extension so if you do not use the browser you will not be using it even if turned on in the browser.

 

On 12/18/2017 at 7:10 PM, 473geo said:

image.png.1d8d053e52744f6cae2026ac0b2714ea.png

 

On 12/18/2017 at 7:26 PM, lopburi3 said:

What did you click on to get that menu?  

That (or similar) pops up by typing password in the Windows search box (Cortana?).  However, I don't see any obvious "password management tool" in that list-- other than to change the password for Windows log on or Homegroup networking.  Maybe "Sync your passwords on this PC"?  That doesn't show up when I enter password into Windows Search on my computers:

 

password.gif.000bd7ec4f3554ac2b85495a6bd75675.gif

 

PS:  I don't use Homegroups.

473geo Ruby Member

473geo

Posted
Posted

It's only recently I received a big update and after this was promoting  password manager maybe why you guys are not in the loop

Fortunately my memory is still good and I have the ability to update passwords I forget due to limited use

So do not require any further management

lopburi3 Legendary Member

lopburi3

Posted
Posted
5 minutes ago, 473geo said:

It's only recently I received a big update and after this was promoting  password manager maybe why you guys are not in the loop

Fortunately my memory is still good and I have the ability to update passwords I forget due to limited use

So do not require any further management

But your menu only shows local network type password controls for Windows and users - not a password manager program for sites you visit (as is now available in browsers and as extensions) and which this thread was about.

wpcoe Platinum Member

wpcoe

Posted
Posted
16 hours ago, 473geo said:

Please yourself I only stated what I see you can interpret as you wish 

It's not that we don't believe you, but just not sure what you see that indicates you have a password manager.  e.g.  What entry on that screen shot indicates to you that a password manager is on your system?

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.






ASEANNOW

ASEANNOW (formerly Thai Visa) Thailand's oldest and most popular forum for expats and foreigners.

Sign up today and have your say

MORE INFO

POPULAR AREAS

CONTACT US

219/59 Asoke Towers, 15th Floor, Soi Sukhumvit 21, Watthana, Bangkok 10110
(+66) 99 196 1100
[email protected]

×
×
  • Create New...