Update: I used to think a strong password was enough, but my neighbor changed my mind.

I was talking to my neighbor, who works from home, and he said his company got hit by a phishing email that looked exactly like a real login page from their own IT team. He told me, 'The password didn't matter, I almost typed it right in.' That hit different because it was so simple and close to home. Now I see that a password manager and turning on two-factor auth are just as important as the password itself. Has anyone else had a close call with a really good fake login page?

3 comments

3 Comments

jamie_webb6710d agoMost Upvoted

Yeah, that's the scary part. A password manager won't stop you from putting your login into a fake site either. It'll just auto-fill right into the phishing page. The real move is using two-factor auth, because then that stolen password is useless on its own. Makes that close call your neighbor had a total non-issue.

aaron85410d ago

Exactly, @jamie_webb67. 2FA is the real safety net.

hollywhite10d ago

My cousin's bank had a fake login page last year that looked perfect. I get what @jamie_webb67 is saying, but most people aren't targets for that level of effort.