Password Managers: Absolutely Essential for Secure Password Storage
Why is a password manager essential for secure password storage? Stolen and weak passwords are leveraged in 81% of hacking-related breaches, according to Verizon’s 2017 Data Breach Investigations Report. The importance of protecting and using strong passwords is dire.
Those pesky passwords and the rules that go along with them are a thorn in your side. Given the number of passwords people have, easily over 100 for many, it’s a whole rose garden of thorns. You can’t remember them all, so you need a way to store passwords.
Password managers are applications or cloud-based services that provide a secure database for usernames and passwords. Web browsers can store passwords, but will not be discussed here, as they are less secure than third-party password managers. The database in a password manager is protected by a master password, the only one you have to remember. That one master password gives you access to all of your passwords.
Are Password Managers Safe?
Doesn’t that mean that if someone gets a hold of my master password, they then have access to all of my passwords? That is why the developers of any password manager put great effort into protecting the master password. The master password never leaves the local device. It is not stored on any servers in the cloud. Security is so tight that many services have no password recovery capability. When you lose your master password, you lose access to your password database forever. You can also use two-factor authentication with most password managers to further secure your login to the service.
The password storage databases are protected by very secure encryption algorithms such as AES-256 or Twofish. The database may be stored locally or in the cloud, depending on the application or service. If you’re uneasy putting your password database on a server in the cloud, local storage is a good option for you. Password storage in the cloud gives the added convenience of being able to access your passwords from anywhere.
If you’re still not comfortable using one password to protect all others, you may want to sit down before you read on. You’re already doing it. Most of the websites and services you log in to let you reset your password via a password reset link sent to your email. If someone gets your email password, they can get most of your other passwords.
Beyond Password Storage
Other features may be available, depending upon which password manager you choose. Password generation saves you the agony of creating unique passwords for every account. Username/password autofill allows you to log into a website by clicking a single button. Web form autofill does the same with information like name, address, phone, and credit card number.
Of course, you can choose what information store, so if you’re squeamish about storing your credit card info, you can omit that. Biometric login lets you use fingerprint, Face ID, Touch ID, or Windows Hello. Secure notes provide a free text field where you can add notes that will get encrypted along with your other information. Password managers with most of these features include LastPass, Dashlane, Password Safe, KeePass, Keeper, 1Password, Sticky Password, and RoboForm. Many have free versions.
Haste Makes Good Security, in This Case
There are plenty of password managers to choose from. In addition to features, there are other considerations when choosing a password manager. What password recovery options are available? The easier it is to recover, the weaker the security. Is local storage an option? Is there a way to export the database? Answering these questions makes it easier to change to another password manager in the future. Is it using a proven 256-bit or better encryption algorithm?
Any password manager listed above is better than Post-it notes, Excel spreadsheets, one password used for many accounts, or using simple, easily cracked passwords. If that’s what you are doing today, stop doing it, today. Then you can take your time selecting the password manager that’s right for you.
OneSupport is Here to Help
Being vigilant and proactive about your online security goes a long way toward keeping you and your family safe from cybercrime. If you need help setting up a password manager, reach out to a technology advisor today at 844-818-3415. OneSupport can help you stay safe online with personal technical support plans.