If you thought passwords might be going away, they’re not.
In the past few weeks we’ve discussed what it takes to make a Strong Password and why 2FA is so important. We know that nobody likes passwords, but they’re a fact of life. They haven’t been killed off with fingerprints or face-scanning technologies, and it doesn’t look like there’s anything on the horizon that will take the place them anytime soon. Simply put, there is currently no single security method that is as reliable as having a Strong Password.
But there is a way to make having Strong Passwords a little easier…
The Password Manager
Instead of remembering a whole bunch of passwords, you can remember just one AND still have different passwords for every site. That is what a Password Manager can do for you! It’s like having an encrypted book of passwords that is locked by a master key that only you know. It remembers your credentials and enters your password into the website for you. Best of all, most are plugins that will sync across all of your browsers and computers and even with mobile devices.
Okay, those are the primary pros of using a Password Manager. There are others such as:
- Preventing Password Re-Use Attacks – by not having the same password for multiple sites, hackers cannot use stolen credentials to log into other sites
- Stop Imposter Sites From Phishing Your Credentials – imposter websites are designed to look like a website in which you have an account to trick you into entering your credentials, but Password managers won’t enter your password into an imposter site
- Track Services With Which You Have Accounts – can’t remember if you signed up with a particular website? the Password manager will know and you can search through it anytime making it easier to keep track of accounts you use and close or delete accounts you don’t use
- Alerts For Compromised Services – the vast majority of Password Managers will let you know if a particular site or organization with which you have an account has experienced a data breach
- Password Security Monitoring – has it been a couple of years since you changed the password for a social media site or an account you don’t often use? most Password Managers know and will tell you; they’ll also let you know if a particular password is weak
As you can see, Password Managers can do a lot for you, though there are some cons.
Potential Drawbacks of Using a Password Manager
I’m using the word potential here because most of the drawbacks are directly related to the user, i.e. you and me.
The first question that people ask is, “Should I store all my passwords in one place?”
Obviously, if a hacker gets hold of your Master Password and all of your other passwords are stored in that one place, it could be bad. The thing is, the security of the Password Managers themselves has proven to be pretty darn robust. If your Master Password gets compromised, it’s most likely going to be because you didn’t use a Strong Password, reused a password that had already been compromised, or were successfully Phished. In other words, it’s most likely going to be a user issue. Keeping that in mind, the whole point of the Password Manager is to keep all of your passwords in one place to more easily manage them.
As we said, there are a few other potential drawbacks, so let’s get into them:
- Adding Information – adding all the information from all of your existing accounts into the Password Manager can be time consuming and requires you to remember every place where you have an account
- Remembering The Master Password – since all of your other passwords rely on the master password, if you forget it, getting back into the account will not be easy; these companies are constantly under attack, so you are going to have to go through multiple verification processes to get it reset
- Password Security Alerts – most Password Managers are going to tell you when a password is being used on multiple sites, a password hasn’t been changed in a while, a password is too weak, etc.; the number of alerts can cause people to start ignoring them
- Outages – like all other services, Password Managers will have the occasional outages, though the companies have backup servers and try hard to make sure scheduled outages occur in off-hours to minimize the potential impact
- Autofill Blocked – some websites won’t play nice and will block the autofill, though you can still go into Password Manager to copy and paste the site password if you can’t remember it
Reviewing these potential drawbacks, most of them come down to how serious you are about the Password Manager. Jumping in halfheartedly can sully the experience for many users. Something like forgetting the Master Password can cause people to throw their hands in the air and quit the Password Manager altogether. For this reason, if you’re not 100% convinced a Password Manager is for you, it’s a good idea to start slow, adding lower value passwords to see how it works and how you like it.
Real Password Managers vs Browser Password Managers
You can’t use a web browser without being asked if you want them to remember your password. Chrome. Firefox. Edge. Safari. No matter what browser you prefer, they have a password manager. The thing is, these aren’t as secure as you want to believe.
Part of the reason for this are all the Phishing Scams out there. Web browser passwords are a very common target of scammers, significantly more-so than password Managers. Falling for one of these scams can immediately compromise all of the passwords you have stored in the browser. In addition, while the website browsers do have a degree of security, they generally lack the robust encryption and reset security of Password Managers.
If you decide not to use a Password Manager, that’s fine, but we strongly recommend not letting your browser store your passwords.
I’ve always had a love of working with technology, being fortunate enough to have grown up with a grandfather who taught me how to fix things for myself and not be afraid to jump in and get my hands dirty. Over the last three decades I’ve worked as a technician, trainer, technical writer, and manager with small businesses, enterprise level organizations, and government, picking up a lot of skills on my journey. In addition, I’m an author, having published multiple works available online and in print.