The password managers accesss make it easy to use strong, unique passwords everywhere. That's one major benefit of using them, but there's another: A password manager protects you from fake websites trying to "fish" your password.
What is phishing and how does it work?
Fishing ( Phishing) is designed to trick you into giving your password or other information to a scammer.
For example, suppose you receive an email claiming to come from your bank. The email indicates that your account may have been compromised and you must click a link to take immediate security measures. Click on the email link and you will end up with a website that looks like your real bank website.
In a hurry, to secure your account, enter your password and possibly other details such as your credit card number. Phishing is done. The attacker now has the username and password of your bank account, as well as any other information you provided on the form you entered. It was not the actual website of your bank. You received the email from a scammer.
Security professionals recommend not clicking on links to such messages. Instead, go directly to your bank account website from a new tab in your browser and log in. Likewise, if someone claiming to be from your bank calls you, hang up and call your bank's customer service number directly to see if the call was genuine.
You could end up on a phishing site in many other ways. Maybe you click on a link to buy something on the web and end up on a page that looks like this Amazon.com or other online store, but it is not. Maybe you click a link to email someone and end up at a Google login screen for your Gmail account.
It's all in the URL
There is something you can do to find phishing sites:
Examine the URL, at its address by clicking heres. For example, if you bank with Piraeus, verify that you are on the Piraeus domain. But phishing sites could be clever – for example, a phishing site might use the domain “www.winbank.gr.safe.info/onlinebanking/login”.
If you read the URL carefully, you will realize that this URL is actually hosted on "safe.info" and not on "winbank.gr".
Likewise, some phishing sites use characters that look like other characters to make the address look like the real thing. For example www.winbank.gr can become www.winbanκ.gr, adding a Greek character in place of k.
How a password manager helps protect you
If you use a password manager, you have extra protection. This is valid for as long as the password manager can automatically fill in your credentials, be it 1Password, LastPass or someone else. From iGuRu.gr we highly recommend him KeePass because it encrypts and stores your passwords locally rather than in the cloud.
If you save a link to a site like winbank.gr or Amazon.com, your password manager will remember the address and automatically provide you with the password when you are on the right page. If you are on a different site, your password manager will not display the password you are using.
This protection will not display a large red alert. But you will notice that the password manager does not find a password to log in to this page.
It also works on a smartphone
Of course, the same features are available when using a password manager on a mobile device.
