Think of your Facebook password. Does it include your old street address, your kid’s or pet’s name? On top of that, is your password documented in your emails, notepad on your phone or in a diary somewhere?
If your answer was yes to any of those, then hopefully this blog helps change that. Having personal information floating around is dangerous – and that’s why password managers exist. We have a lot of passwords to remember, and keeping a note of them somewhere seems like a good idea. But, if you’re going to do this, you need to put them somewhere safe that only you have access to. Using a password manager is like putting your passwords in a safe that only you have the key to (unlike the diary you could leave on the bus or at a café).
To simplify it, a password manager does the following:
- Lets you store and protect your passwords by encrypting them, so no one else can access them.
- Allows you to create random, unique, and lengthy strings of characters that you can use as passwords for your online accounts.
- Lets you store all sorts of digital records (credit card details, secure notes, etc) in a secure manner.
- Allows you to auto-fill all your passwords once logged into the password manager, so you never need to copy and paste passwords when you’re on a log-in page.
Once you have all your online account details stored in the password manager, the master password is the only one you must remember. The password manager will do the rest for you. You don’t have to remember a load of different passwords, or risk using the same one in multiple online accounts.
As a best practice and an extra layer of security, you need to enable two-factor authentication (2FA). 2FA is very popular and commonly used by Google, where when you log in, you’re prompted to confirm your identity via another personal device – whether it be an SMS code or to another personal email. That way an attacker would need your password and an additional piece of information like a one-time code, to get into your account.
BENEFITS OF HAVING A PASSWORD MANAGER
- Prevents “credential stuffing“ attacks (an attacker attempts to login to a service using credentials obtained from a data breach of another service) by ensuring you use a unique login for each account.
- Mitigates phishing attacks, where scammers will encourage you to click a link so they can steal your credentials. Since the password manager ties the credentials to a specific web address, the autocomplete will not work on phishing sites.
HOW TO SELECT A PASSWORD MANAGER
Choosing a password manager is based on preference and there are a lot of products to choose from in both open-source (free of charge) and paid format. The following tips will help you to select one that best suits you. Generally, there are two types of password managers you can choose from:
Cloud-based password managers
Cloud-based password managers are a popular choice for many users, as they offer convenience and ease of use. They store your passwords on a remote server, which you can access from any device with an internet connection. This means that you can easily access your passwords from your phone, tablet, or computer, without having to worry about syncing or backing up your data.
Examples of cloud-based password managers include Keeper, Dashlane, and LastPass. These password managers offer a range of features, including password generation, autofill, and two-factor authentication. They also provide a browser extension, which saves you a heap of time by auto-filling in your login credentials when you visit a website.
Local password managers
Local password managers are another option for users who prefer to keep their data offline. These password managers store your passwords locally on your device or a removable storage device, such as a USB drive. This means that you have full control over your data, and it is not stored on a remote server.
Examples of local password managers include KeePass and Password Safe. These password managers are free and open-source, which means that they are transparent and auditable. They also offer strong encryption and password generation features, which make them a secure choice for storing your passwords.
Now you know the difference between cloud-based and local password managers, it’s good to consider the following factors when selecting one, and figure out which of these factors are most important to you:
Security
Look for a password manager that offers strong encryption and two-factor authentication.
Ease of use
Choose a password manager that is easy to set up and use, with a user-friendly interface.
Compatibility
Ensure that the password manager is compatible with all of your devices and browsers.
Features
Look for a password manager that offers features such as password generation, autofill, and secure sharing.
Cost
Consider the cost of the password manager, as some options may be more expensive than others.
Selecting a password manager is an important decision that can impact the security of all your online accounts. Don’t underestimate the threat of passwords being leaked, it happens more often than you think. If you’re just using a password manager for personal use, maybe consider a free, open-source version to get yourself started. If you’re running your business from home and don’t already have these security measures in place, Keeper, Dashlane and Lastpass could be very efficient options as well.
