What is a password manager and what does it do?
The majority of people use really weak passwords for signing up for websites and reuse them on different websites. It’s nearly impossible to create unique, strong passwords for every site you use. A password manager is the solution. A password manager is used in assisting in generating, storing, and retrieving complex passwords for people. A password can be calculated on demand or retrieved from a stored encrypted database. Password managers come in a whole lot of forms. They can be online services accessed through a web portal, locally-installed software applications, and locally-accessed hardware that are used as keys to unlock passwords.
Password managers that are web-based services are usually websites that store login information securely. The main advantage of web-based password manager services is that you can access it on the go. You have to really ensure that you trust the hosting site. If you want your passwords to be protected, you’ll want to take extra security measures.
If you choose to get a password manager that runs through locally-installed software then the application will solely be on the device that you installed it to, like your computer or any of your mobile devices. These password managers can operate offline because it is installed on a device and you’re not accessing a website. There are options that combine web-based services with software. These options depend on the password database being based online, and the password management is controlled by software installed on a device.
Security tokens are a form of password management. Security tokens are token-based hardware devices that are locally-accessible. These devices include flash drives, smart cards, and the likes. They’re used to authenticate a user with or as a replacement to traditional text passwords. Some offer multi-factor authentication where they combine factors such a biometrics (fingerprint or retina scan), a PIN, or a mobile application. The data on the token is encrypted and some still need some type of software installed to operate correctly.
As expected, the encrypted database is either stored remotely through an online file hosting site or locally on one or more of your devices. The functionality and use of these password managers depend on how they are stored. Generally, password managers require users to create a master password to unlock and then access the information you have stored in the database.
How do password managers work?
The way each password manager works depends on the type of password manager you use. The most common password managers are web-based services. They work by downloading the application to your device. From there, you will create an account. Depending on which web-service you’ve chosen, you’ll access your passwords through a series of identification markers. These markers will be in the from fingerprint scanners and other multi-factor identification steps. Using these services, you can create generate new and unique passwords and easily change these passwords if security has been breached.
Who is it for?
Password managers are the perfect solution for those who never remember what their password is and constantly have to reset it. These types of tools only require you to remember one password and you can easily access the rest.
It’s also a great tool for those who have difficulty compose strong and unique passwords. You never want to feel like you’re putting your security at risk by using an easy-to-guess password. Password managers take away the challenge of creating a whole bunch of difficult passwords. The only password you’ll need is the one to open your account, and you can easily make this a strong password by avoiding the common password mistakes which you can find online.
Password management services are generally good for everyone. Security experts encourage the use of them too. While you need to thoroughly research and find how the password manager you’re interested in handles security threats, the general use of them protects against threats. They’re tools to make life easier. With one handy, you’ll never again have to spend an hour resetting the passwords you should remember by heart.
Why do I need a password manager?
- Passwords are the key to your whole life. With the daily use of passwords, it’s easy to forget the purpose of them and how important they truly are. Passwords are the key to not only your digital life but your whole life. While passwords do control your communication with other people across the web through social media and email, there are accounts that you have that contain information that affects your real life. If someone were to hack into an account that contains your bank information or personal information, you may face some serious identity theft.
- The chance is you have hundreds of accounts online. The average person today has too many accounts to even keep track of. Everyone has accounts with email services, Facebook, Instagram, Amazon, Snapchat, any online video game, Google, and so many more. You can’t forget the ones you use only twice a year. With so many accounts, it’s impossible to remember every unique password you’ve made. Let’s be honest though, you probably don’t have a unique password for each website you’ve signed up for. Password managers make sure you have strong, one-of-a-kind passwords for each of your accounts with minimal work from you.
- The alternatives just don’t work. You’ve probably seen your mom or an older relative write their password down on a piece of paper. Writing down your password is a good idea in theory but it’s manually taxing to write down so many passwords plus the chances of losing the paper are high. You could tape it to your desk but what if you need a password on the go? What of the people who come into your house and can easily see your passwords? It’s not very practical and not secure. You could try to keep your passwords in a document on your online drive but it’s extremely insecure and you could forget your password to login into the drive. While you could forget the master password of your password manager, you have the backup login features that can help you get in.
What are the pros and cons of using a password manager?
- Easy to Use. After making an account with a password manager, the login information of each site you visit can be saved and stored in the manager. It eliminates the need to remember those passwords in the future. Plus, password managers that are able to create randomized passwords for each of your websites creates security without you having to lift a finger.
- Encrypted Files are Safer. Encryption is a method of protecting data by creating a code that no one can break. Password managers automatically have your information encrypted so you don’t have to go through the process of trying to do it yourself. Be sure to check that the password manager you choose uses a respected and reliable standard such as Blowfish or AES. While any password can be cracked with enough time, money, and resources, having your sensitive files encrypted helps decrease that chance.
- Has the Ability to Provide Defense. Password managers can be used as a safeguard against such acts as phishing, pharming, and keystroke logging. It protects against copycat sites by comparing the current site’s URL to the original stored in the manager. The multi-factor login associated with many password managers prevents keyloggers from stealing your password. While they may be able to get your PIN, they won’t be able to access your account without your smart token. Password managers are not able to protect against man-in-the-browser attacks, where malware performs malicious activity on your device while logged into a site, but it’s the safest option for those who want securely store and create passwords.
- While there are password manager services that are reliable, there are just as many that don’t have the right safety guards in place. A few good services have suffered hacks and the like but the way that they responded and recovered have kept them in good graces. It’s extremely important that you as a user research the password manager you’re interested in and make sure that they have all of the safety measures in place. Your information doesn’t have to be vulnerable. The tools are out there; it’s up to you to find them.
- User Interface Flaws. While password managers keep you safe from copycat websites, there is nothing keeping you safe from going to an interface that is a duplicate for your password manager. This can happen through an iframe. It makes the user put their login information while the URL displayed in the browser is not the URL for your password manager. Phishers can take advantage of this by creating a duplicate iframe and capturing your user information. This is an easily avoidable feature and there are many password managers that don’t use an iframe for login.
What are the main features to look out for password managers?
- Password Generators. The easiest to find factor among password managers is password generators. It’s a great feature as it gives users the chance to not only store their old passwords but helps them create strong passwords for new sites. Make sure the password generator the manager uses is more than just a simple number generator.
- Accessible Across Devices. You use your sites on more than just your computer, so you’ll want a password manager that works on more than just your computer. This won’t be found locally-installed software unless it has some connection to cloud storage. You always have your phone so you should always have your passwords
- Multi-Factor Identification. The most common way password managers have you access your account is through a master password but that shouldn’t be the only way. One of the reasons you’re looking into maybe investing in a password manager is because you can’t create strong passwords so you don’t want your only defense to all your passwords something that is easily cracked. It’s crucial to look for a password manager that offers both a master password and another form of identification, ideally a token or fingerprint scan.
Common FAQs regarding password managers
Is it safe and secured to use a password manager?
Generally, yes. There is no safer way to store your passwords at the moment. It is possible that with enough time, effort, and resources a hacker can breach the security measures put in place by your host site if you’re using a web-based password manager. It’s not likely to happen though and you’re at even greater risk if you store them on your computer unencrypted. While they’re not perfect, password managers are the safest form of accessing your websites until biometrics become more advanced.
How much can I expect to spend on a password manager?
Each password manager has its own benefits, so each has its own price points. Some of them you can download for free. Others can range from buying an application for $2.99 a month to $40 per year. There are many free options that may meet your needs. If you’re looking for a little more, research and weigh the advantages of each. More expensive services usually allow you to work across all devices. Others let you participate in a free trial run to determine if the service is right for you.
Can I share my passwords with my partner?
The point of password managers is to secure your passwords, so wondering if you can share with your husband or wife is a valid inquiry. It is possible to find a password manager that lets you share your password with family members. Some do it more securely than others so be sure to read reviews on that functionality. Some offer family subscriptions so it’s easy to share in the family and allows you to customize what family members see what passwords. Others make it more difficult and require both family members to have an account.