BitPrime

Safe and Trustworthy? What You Need to Know About Password Managers

 

Safe and Trustworthy? What You Need to Know About Password Managers

Image source: istockphoto

Passwords are a pain in the neck!

Every website you sign up for requires a password, and many websites have different password requirements too. Some require upper case letters or symbols or numbers, etc. You can never remember them all (well, at least I can’t!), which is why there are tools available to help you do so, aptly called password managers.

There are many different password managers available, but they all basically do the same thing.

 

What is a Password Manager?

A password manager is either a downloadable app or a browser extension that manages your passwords for you. These are available on smartphones, tablets, or personal computers. Users store different login credentials for various websites and applications in a database, depending on the software used.

When you are signing into a website, users click on their password manager’s icon to access their current password, instead of typing in their username and password across multiple sites.

Password managers usually include two options:

I. They require that the user remembers one “master” password before accessing their entire list of passwords.

II. They store a copy on a secure cloud storage service like DropBox, OneDrive, or iCloud. You can also save your password databases to an external USB drive for complete security if you desire.

To make your master password as strong as possible, some managers provide features such as allowing you to:

I. Generate a long string of random letters, numbers and symbols for you to use.

II. Require that you change your master password at regular intervals, like every 30 days, for example.

 

Who Uses Password Managers?

Most people who don’t use them already don’t because they either haven’t heard of them or they think they are too complicated. Do you know why?

Password managers do require you to invest some time (not too much, though) to set them up, and many people just can’t be bothered, so they rely on memorising passwords instead. Or, worst of all, use the same password for all their logins! Please tell me you don’t do this!

Remember, the more important the website or app you’re using is for you, the more essential it is to use a unique password and, therefore, a password manager.

The apps and browser extensions are easy to install and use, and many are free; so there really isn’t any reason not to use one.

Password managers are beneficial for people who have hundreds of different logins to remember, who use the same password for multiple sites (again, don’t!) or create weak passwords that are easy to crack. A password manager helps make sure your passwords are strong for security purposes, and many even let you know if there have been data breaches on the sites you use so you know when you need to change your password.

 

What are the Drawbacks of Using a Password Manager?

Password managers can generate complex passwords for you, so you don’t have to remember any of them. Isn’t that great? Why would anyone complain about that? Well, there are some things to know before using a password manager.

Password managers are not 100% safe. I mean, what is?

One big drawback of a password manager is that it is, well, a password manager. It stores your passwords on its servers. If someone hacks into their servers, then you might have your passwords compromised! If the government hacks in, they could also see every site you visit and every password you’ve used (do we worry about this type of thing here in NZ? 🤔).

Another potential drawback is that only the password manager company can change your passwords if they get hacked or compromised. This means that if their service gets hacked, they will probably do something to fix it ASAP but you’ll have to wait for them.

And another not-so-small problem: if someone knows where you store your passwords and then discovers your master password, they can steal all of them, and you will be in big trouble. This is why it’s crucial to commit your master password to memory, or if you must write it down, make sure it’s kept somewhere super safe.

But, all in all, password managers are a good idea because they can store your passwords safely and keep them up-to-date on many different devices (phones, tablets, computers, etc.). Just make sure to read about the company’s reviews and reputation and check if they don’t share your data with anyone. You always read those privacy policies and terms and conditions you agree to, right?

 

Can Password Managers be Trusted?

Security is critical in our digital world now, more than ever before. Password managers can help you increase yours easily!

Yes, password managers can be trusted but you need to make sure your master password is strong and that you remember it. A strong password should contain a mix of numbers, symbols and upper and lowercase letters and be at least 12 characters in length.

Password managers are safe because many use AES-256 encryption and two-factor authentication (or even multi-factor authentication). They are safe because if someone were to hack their way into your account, you could change it without losing all your passwords.

Now that password managers have been around for a while, we can safely say that they’re just as trustworthy as any other internet security service.

 

What are the Different Types of Password Managers?

Password managers can be broken down into two general categories:

I. Credential saving

Credential/Password saving: This is where you save passwords using the password manager without remembering them at all. All you need to do is remember one strong master password for the password app, and every other password is automatically encrypted and kept safe inside it (much like a safety deposit box). You don’t even need to know what they are – all you have to do whenever you want to use any of these saved passwords online is enter your single strong master key, then copy and paste.

II. Credential management

Credential management: Most people find this helpful because it gives them a safer layer between their everyday digital life and their private or work data – providing an extra layer of protection. Professionals typically use these apps to keep their personal lives separate from their work lives.


So, now let’s dive in and quench your thirst with an introduction to some of the best password managers around.

 

Web Browser Password Managers

A browser-based password manager can be a great option if you want to store your passwords in an encrypted cloud instead of using a program installed on your computer or phone. Examples of web browsers with built-in password managers include Chrome, Safari and Firefox.

There are two main reasons to use browser-based password managers:

  1. You might not have a computer that runs the software necessary for a desktop password manager. Although, this is unlikely in this day and age.
  2. They’re incredibly convenient.

You can access your passwords from any device with an internet connection, and it’s just as easy to add new passwords when signing up for websites on your gadgets.

Browser-based password managers automatically save your passwords and give you easy access to them with one master password. You only need to remember the master password for logging in, and you can add as many accounts as you like. Unlimited password saving? Fantastic!

Automatically saving your passwords is convenient because it reduces the chance that you’ll forget a password or have to switch to a temporary one when you’re in a hurry.

You can also use your browser-based password manager to quickly fill out forms with your saved password information, which comes in handy if the site is challenging to navigate or isn’t cooperating with autofill.

 

Cloud-based Password Managers

Cloud-based password managers are becoming more popular among people who use multiple devices for their computing needs because it offers protection even when one device is lost or stolen.

When you use a password manager like this, all your passwords are encrypted and stored in the cloud, so it doesn’t matter which device or browser you’re using at the time. This also means that no passwords are stored on your individual devices. They’re all located in the service provider’s servers. Even if one device fell into the wrong hands, it would be impossible to access your accounts unless they know your master password or each individual account’s password, which is unlikely. If most people use complicated passwords, there’s minimal chance of using brute force to crack any passwords.

For this form of password management to work, all you need is an internet connection. You can choose from various well-known services such as LastPass, Zoho Vault, Dashlane and RoboForm, which offer free versions with premium options available to improve functionality.

Again, to create a secure password, you need to use a combination of unique characters, numbers, and letters. This may seem difficult at first, but it becomes easy with some practice, so don’t be discouraged. The more complex, the better, as this makes your passwords harder for anyone to guess – even if they have access to all the publicly available information about you.

 

Desktop-based Password Managers

Desktop-based password managers are potentially the most secure form of the three types mentioned. They are downloadable software apps that provide a secure environment for users to store passwords and other sensitive data. Some can also be used for storing important information, uploads of passports, licenses etc.

The desktop-based password managers provide several benefits to their subscribers. These include:

I. Password storage

II. Password generator

III. Security reminders

IV. Two-factor authentications

V. Secure screen lock

VI. Alerts to database breaches.

Before using a desktop-based password manager, the user must download and install it on their system. One of the more popular options is 1Password, which allows you to store passwords for websites, generate new ones and track changes.

 

Premium/Paid Password Managers: Are They Safer?

Paid password managers are safe to use, as are good quality free ones, they just come with a lot more functions. If you want the most secure option, use a cross-platform paid password manager that supports two-factor authentication (2FA) and does not have any backdoors which give law enforcement or hackers access to your passwords.

Premium password managers are safe because they never have access to or store your password. Instead, they generate a personal key for each login and encrypt your data locally on your device. They never know what you typed in as a password. One password manager says its security is so good that the company couldn’t crack it themselves if they wanted to – nor could a government agency with a court order.

Additionally, a premium password manager never sends your master password to servers, where a hacker could intercept it. Instead, these services tend to use bank- or military-grade encryption and create what’s called an “encrypted blob,” using your master password as the core for that blob of data. The only way to decrypt that data is for someone actually to enter your master password.

Premium password managers are perfect for businesses but can be too feature-rich and confusing for individuals, so it’s best to find one with customisable settings. They should allow you to set up a master password that is somewhat stronger than the default strength suggested by the manager, and they should let you control how often an automated tool runs to help keep track of your passwords.

Most should also let you sort your stored website usernames and passwords as you see fit. You might want them arranged alphabetically or grouped by the site you use each, so they’re easy to find later.


Recommended Password Managers

There are several different styles of password managers, which can make it challenging to find one that matches your needs. It may be best to start by identifying what you want from a password manager and then look for an option that offers this.

And speaking of options, you can’t fail to meet your perfect match in this list.

 

1. 1Password

 

1password password manager

1Password is like a Swiss Army Knife for your passwords and personal information. You can use it to log in securely, it protects you from threats like phishing or malware attacks, and it checks if the website supports 2FA (two-factor authentication). It tracks what sites were accessed last using browser history transparency features that delete them after each browsing session so they don’t get abused.

1 Password also allows using biometric input, including fingerprint readers and facial recognition using Touch ID on supported iOS devices. A QR Code scanner is available via Windows Phone Store.

In addition, you may use dark web scanners at your disposal to protect yourself from being hacked by third parties. You’ll be alerted if your email address or credit card details are ever detected as being used.

To see whether or not the website uses HTTPS before logging into it with 1 Password, for example, check this information when verifying accounts if there’s been any suspicious activity on their end(s).

Finally, Travel Mode encrypts critical data such as passwords in transit so they can’t be accessed without access codes sent through notifications. Only 1Password provides us travellers peace of mind knowing your valuable vacation moments won’t go down due to another breach.

 

2. Dashlane

dashlane password managers

Dashlane is a password manager and security suite for all of your devices. This tool can store payment information, usernames, unlimited passwords, complete addresses, phone numbers, etc. It can also automatically fill out your details when you sign up for new websites or services. Again, this service has dark web scanners to check for security breaches and use of your information where it shouldn’t be.

Dashlane stores data in the cloud, so you can access it wherever there’s an internet connection – on desktops as well as mobile devices. They used to be desktop-based but are phasing out their desktop app. DashLane also has one-touch login options that save time when signing up for new services or downloading apps (no more manual inputting).

The best part? Creating strong passwords has never been easier, thanks to their built-in generator tool. So, log in securely today by downloading this excellent app called DashLane.

 

3.       LastPass

LastPass is one of the safest password managers in today’s market providing secure storage with its zero-knowledge design and AES 256-bit encryption.

Several multi-factor authentication choices are available for LastPass users, including YubiKey or Google Authenticator, that can be utilised when logging into your account from locations other than your usual home computer/mobile device.

The company was hacked in 2019, resulting in the exposure of over 16 million users, which they swiftly corrected. LastPass still has a tarnished reputation because of this incident, though. However, some people may look past this reputation due to how quickly LastPass responded after being compromised, and the improvements they have made since.

 

4.       KeePass

He can eat grilled cheese in less than five minutes. It’s the perfect amount of time before the bread gets toasty and crispy without burning.

So, if you’re watching your carb intake, get your hands-on KeePass for that nightmarish world of out-of-control security breaches.

I know this sounds like one of those obscure products from the IT hall at Best Buy, where you’ll spend half an hour browsing around to figure out what it is. Still, I promise this kid has been getting a lot more playtime since Yahoo got hacked because KeePass will keep all your passwords safe and sound on your laptop so hackers won’t find them.

KeePass is the password manager you’ve been looking for-it’s simple, reliable, open-source, and free to use.

Is it secure? With an AES-256 encryption algorithm on your master password, your data is as safe as Fort Knox.

This app is a reliable password-saving option for your sensitive data. And in fact, it has been downloaded millions of times to keep private things private.

You can also export these files as a .csv file you might need if you plan to stay safe while browsing the internet on public Wi-Fi connections such as when you’re staying at the Park Hyatt in Auckland’s CBD after making some crypto riches.

 

5.       Roboform

With RoboForm, your passwords are finally safe and ready when you need them. So, if you’re always forgetting passwords to your favourite accounts, worry no more.

RoboForm is the reason you’ll no longer be compelled to give away all of your secret information for any website or game. With RoboForm password manager, you’ll be able to encrypt everything from bank details to calendar entries with ease – no more simple, repetitive and insecure passwords for you.

Now, all that complex data will stay safely behind complex codes while the 256-bit Advanced Encryption Standard (AES) keeps prying eyes away. Your lack of comfort knowing what personal information could end up in the wrong hands is gone by morning.

“Say goodbye to the need for passwords. RoboForm saves you time and frustration.”


Is Using a Password Manager Worth it?

Yes, it’s really worth it to utilise a password manager if you possess a lot of different accounts to keep track of or if you often forget your passwords.

It’s also a good idea for those who work in high-security areas or do a lot of online shopping. You can use it as the only place to store your passwords and not have to remember them at all. However, a password manager can’t protect you from phishing or keyloggers.

A password manager is a tool to help you manage passwords. It’s like the wallet in your pocket: it helps you carry your money and not lose it, but if someone robs you at gunpoint, they’ll still steal your money. If you get hacked, the hackers might get your passwords. Therefore, to protect yourself against keylogging and phishing attacks, use a combination of the tips from this guide and good anti-virus and anti-malware software.

 

The Bottom Line

Password managers offer secure storage of passwords, but they can’t 100% protect against everything like malware keyloggers and phishing attacks. If you’re looking for the best password security use more than one approach, e.g., using anti-malware and anti-virus software as well as a password manager.

Good password managers are fantastic since they enable you to store all of your passwords in one place so that you don’t have to worry about forgetting them or having too many different places where they’re stored. Most allow you to access these passwords anywhere with an internet connection, making life easier when working with multiple gadgets.

Some of the most popular password manager software options include 1Password, RoboForm, Dashlane, LastPass. It’s also possible to save all your passwords on the Google Chrome browser which is useful for any Android device too.


References

Jancis, M. (2021, October 11). Are password managers safe to use in 2021?. Cybernews. https://cybernews.com/best-password-managers/are-password-managers-safe/

Moore, B. & Key, K. (2021, November 4). The Best Password Managers for 2021. Pcmag. https://www.pcmag.com/picks/the-best-password-managers

Turner, B. (2021, November 15). The best password managers for 2021. Techradar. https://www.techradar.com/nz/best/password-manager


Disclaimer:

The above references an opinion and is for informational purposes only. Do not take this as personalised financial advice or investment advice. The views expressed by the author do not necessarily represent the opinion of BitPrime.

 

Last updated: 07/12/2021

 





Source link

Leave a Comment

Your email address will not be published. Required fields are marked *