Nobody likes passwords but they’re a fact of life. While some tech companies have tried to kill them off with fingerprints and face-scanning technology, neither are perfect and many still resort back to the trusty (but frustrating) password.
Most humans do not have the time or inclination to change their passwords fast enough to thwart hackers. And most people cannot remember a hard-to-crack password. That’s where a password manager comes in.
What is a password manager?
Think of a password manager like a book of your passwords, locked by a master key that only you know.
Password managers don’t just store your passwords — they help you generate and save strong, unique passwords when you sign up to new websites. That means whenever you go to a website or app, you can pull up your password manager, copy your password, paste it into the login box, and you’re in. Often, password managers come with browser extensions that automatically fill in your password for you.
Because many of the password managers out there have encrypted sync across devices, you can take your passwords anywhere with you — even on your phone.
Why do you need to use one?
Password managers take the hassle out of creating and remembering strong passwords. It’s that simple. Passwords are stolen all the time. Sites and services are at risk of breaches as much as you are to phishing attacks that try to trick you into turning over your password.
But the longer and more complex your password is — a mix of uppercase and lowercase characters, numbers, symbols and punctuation — the longer it takes for hackers to unscramble your password.
The first big decision you will need to make with a password manager is choosing your master password. This master password controls access to your entire password manager database, so you should make it particularly strong — it’s the only password you’ll need to remember, after all. You may want to write down the password and store it somewhere safe after choosing it, just in case.
You can change this password later, but only if you remember it — if you lose your master password, you won’t be able to view your saved passwords. This is essential, as it ensures no one else can view your secure password database without the master password.
Which password manager to use?
It’s up to you but all password managers perform largely the same duties — but different apps will have more or relevant features to you than others.
And most password managers are free, with the option to upgrade to get better features.
After installing a password manager, you will likely want to start changing your website passwords to more secure ones. LastPass offers the LastPass Security Challenge, which identifies the weak and duplicate passwords you should focus on changing. Dashlane has a Security Dashboard built right in, that will help you figure out which passwords might need to be changed.
Password managers also allow you to store other types of data in a secure form — everything from credit card numbers to secure notes. All data you store in a password manager is encrypted with your master password.
Password managers can even help against phishing, as they fill account information into websites based on their web address (URL). If you think you’re on your bank’s website and your password manager doesn’t automatically fill your login information, it’s possible that you’re on a phishing website with a different URL.
Another thing to consider is where you want to use your password manager. Many password managers are cross-platform, like Dashlane, which means they will work on your computer but also on mobile devices, allowing you to take your passwords wherever you go.
Some are open source, like KeePass, allowing anyone to read the source code. KeePass doesn’t use the cloud, so your data never leaves your computer – unless you move it. This is a great option for people working in industries that may face a wider range of security threats — such as those who work in government.
Like all software, vulnerabilities and weaknesses in any password manager can put your data at risk. But so long as you keep your password manager up to date — and most browser extensions are automatically updated — your risk is significantly reduced.
Simply put, using a password manager is far better for your overall security than not using one.
If you would like more information about keeping safe online, contact the Envisage Technology team on 07 3193 9976.