“Password Managers: What They Are and Why They Are Important For Online Security.” (From our Forums.)
Text originally published by Lyton Atinga on the Cyber Secure Central Forums.
There are a lot of things I don’t care to keep count of. One of them is how many times I have been told to create a strong password. When it comes to passwords, you will be faced with a lot of confusing opinions. Some people will tell to create simple passwords that are easy to remember while others recommend strong ones that are hard to guess.
If you have been using passwords long enough, you understand that whipping out a password that is both ‘easy to remember’ and ‘hard to guess’ is something close to a nightmare.
I have always said that passwords are the keys to your information stores. That is why it is so important to take your time while creating one. But for most people, creating a strong password is not a problem. The problem is creating strong passwords for 10 different accounts. Another popular advice in the online security space is that you should never use the same password for different accounts.
Why You Should Never Reuse Passwords!
I get it, you don’t care.
But if you knew what it feels like having your sensitive information out there, you would take this annoying advice. You may have a strong password that you feel safe using across all your internet accounts. But in case that password leaks or gets accessed by the wrong person, the probability they will try using it on all your accounts is very high.
So, a password leak at one website puts all your other accounts in jeopardy. There are a lot of things that can happen after that. The worst one is that if they have your email address and assuming you used the same password on your email account, they can reset the passwords to all your accounts and just like that you lose control of all of them!
That is why you should use a unique password for each one of your accounts.
And that is where the problem is. How do you create 10 strong passwords and remember all of them? If you ask him, I would rather use my date of birth on all the accounts.
But do I have to? Is there actually a way I can create 10 different unique passwords and remember all of them?
Yes there is! You simply have to use a password manager.
What Are Password Managers?
Think of password managers as stores or databases where you keep your crazy, long and unique passwords and retrieve them every time you need to use them.
That is the basic functionality but a password manager does so much more than that. For starters, it will generate the password for you. This will usually be a random ugly looking thing that requires some spiritual inspiration to guess. Thank God, you won’t have to remember it.
Apart from passwords, a password manager can also help you keep track of your PINs, credit card numbers and answers to security questions on different websites.
Password managers use super strong encryption to keep all these information secure. You will only need to remember one password which you use to access the ‘vault’ containing your password and other security paraphernalia.
How cool is that?
How do password managers generate strong passwords?
Apart from storing your passwords, password managers also help to generate unique passwords for your different online accounts. The generated passwords are so complex that cracking them will be very hard.
But how exactly are these passwords generated?
Random passwords are generated based on your own criteria. The password generator tool uses a set of parameters that you set yourself. These include mixed-case letters, numbers, symbols, pronounceability, length, and strength. The criteria will also be informed by the website for which you are creating a password for. Remember they all have their own differing password requirements.
The password generator tool then uses its own algorithm to combine upper and lowercase letters, symbols, and numbers to create a password in an utterly unpredictable manner.
‘Random’ means that the passwords have no any identifiable trend. You can choose to make the passwords as long as you want. You won’t have to remember them anyway.
Are password managers secure?
So what if someone gets hold of your master password and access all the info in your password manager?
There is that probability. But what you have to remember is that password managers are heavily encrypted. These are tools storing keys to information vaults so you understand why security is their top priority.
Attacks have been made on password managers but most have been unsuccessful. If you think about it, the benefits of using a password manager highly outweighs the alternatives like writing them down or storing locally in your computer.
The secret is choosing a trusted and credible password manager.
How to choose the best password manager
Below are some of the factors you should consider when choosing a password manager.
• Security — The key to a secure password manager is super encryption. If it uses basic security features, look elsewhere.
• Multi-factor authentication — A decent and secure password manager should use 2FA authentication. This makes it harder for people to access your account.
• Usability — Look for password managers that have unique usability features which other brands do not have.
• Browser extensions — A password manager with a browser extension will make your online experience more painless and secure.
• Automated updates — Password managers which update your passwords automatically are preferred. Some do not have automated updates and this should therefore be a top criteria.
• Secure syncing — The password manager you choose should be able to securely and seamlessly sync all your devices. This means that for example when your lock up your Instagram account on your laptop, the same will happen on your phone.
A password manager can simplify your life in many ways. Apart from ensuring all your online accounts are secure, it also makes accessibility easier. You won’t have to reset your passwords from time to time because you keep forgetting them.
Password managers can either come with a fee or free. You can go with either plans depending on your preference and budget.
The content of this article does not reflect the official opinion of Cyber Secure Central. Responsibility for the information and views expressed in the article lies entirely with the author(s).