There is nothing more frustrating than forgetting your password and having to reset it again and again. Thus, many have turned to the best password manager software you can find offline and online to spare themselves the inconvenience. But are password managers safe to use? What are the risks in using them, and what are the most reliable ones? You might have heard security experts recommending them yet, many are still opposed to the idea. This guide will tackle this widely-debated topic and, hopefully, help you make an informed decision on whether you should use them or not.
What Are Password Managers?
A password manager is a program that keeps track of your passwords across different platforms as a measure to protect them, usually giving you the option to create only one password that you would use to log in. This way, you don’t have to memorize each password and only use one to log in to all your accounts.
One big advantage of this is that you can create a unique password for every platform to avoid being hacked. It is not wise to use the same password for different accounts because that puts you at risk of malicious hackers getting access to sensitive data such as your bank accounts and use them for nefarious purposes. In the worst-case scenario, they could steal your identity or put your password up on the dark web, which brings so many other complications. However, you have to find out if these password managers are actually safe to use.
How Do Password Managers Work?
There are different ways that password managers work. They don’t all have the same features. This sophisticated program retrieves your passwords from different websites and applications and saves them. Depending on the type you use, it can also generate passwords for you that are unique, secure, and difficult to guess. This way, it also protects other vital information like your credit card numbers, answers to security questions, and other sensitive data. It does so using various advanced technologies.
To understand if password managers are safe, it’s essential to have some background of how it works. One way is by using encryption. If you’re not familiar with the term, encryption is a cipher which is a code that is disguised in a cryptic manner as the term suggests. Only the program can decipher the information so that it appears indistinguishable, keeping it secret from hackers. Most of the time, it appears as plain text. To make it even more secure, your data is sometimes unrecognizable to the system itself, a system called zero-knowledge architecture. This is the best type of password manager that you can get.
Though many can be skeptical, many password manager programs claim that they implement a zero-knowledge architecture. How does this make password managers safe? This technology encrypts your passwords before the program even takes a hold of them. In other words, they are already masked before they leave your device be it your computer or mobile phones. Once they are stored in the program’s server, even their software engineers have no way of deciphering them.
Creating a Master Password
As mentioned briefly above, one way that password managers are safe is by allowing you to create a master password that gives you access to your stored information. This ensures that all your passwords are safe in one place.
As an added measure, the program may even require two-factor authentication to enhance its security. Two-factor authentication or 2FA requires you to verify that it is in fact, you who are trying to access a specific website or application before it even accepts your master password. How? There are several ways to authenticate or verify your identity.
One is by sending you a unique one-time code to your email or mobile phone. This code usually expires after a few seconds so that it cannot be stolen should your device fall into the wrong hands. Another way is by requiring you to use an application that will generate the code for you. You will then have to enter this code for you to log in successfully.
If you have a device that uses a thumbprint or facial recognition technology, all you have to do is to place your thumb or hold your device to your face.
Why Get a Password Manager?
Given the measures stated above, are password managers truly safe? Even with the way technology keeps changing and advancing, the truth is no security measure is 100% safe. What these programs do is add a layer of protection to basic security measures already implemented by a certain website or application. They are basically safe in the sense that the program itself cannot steal your information. However, the safety of your accounts largely depends on the type of password manager that you use.
As mentioned, not all programs work the same way. Some are more stringent while others only offer basic security features that may or may not be enough for your needs. Here are some advantages of password manager software and how they are safe.
Focus on More Productive Tasks
Instead of stressing over creating secure passwords and forgetting them, you can focus on being more productive. After typing your master password, the software will automatically fill the website or application with the correct log-in information for you. This saves you time and energy so you can focus on your important tasks.
Create More Secure Passwords
Often, people are not able to think of secure passwords especially when a website or app has specific requirements. Instead of spending time figuring out a password that would meet these requirements, the software can generate one for you. This is helpful if you are creating a new account or have forgotten a password and need to create a new one.
Fill Out Forms Faster
Using a password manager can also save you time when filling out forms that request information such as your name, age, address, phone number, and so on. You can configure this in your settings.
Who Should Use Them?
While password managers are quite useful, some people may find that they are riskier and more of an inconvenience than helpful. They may choose not to use one due to several reasons, one being that they prefer to store their passwords manually either by writing them down or storing them in a secure device.
You should most likely use a password manager if you are prone to forgetting your passwords often. People who have experienced being hacked before should also consider using one. This is because they have already been exposed and their password patterns have already been discovered either by a program or an individual. It is quite natural for people to create passwords that are similar in nature across platforms, making it easy for hackers to guess them. Once they have gotten one password, you can expect them to crack the others. People who use multiple devices or log in to computers outside of their personal ones should consider using a password manager.
Risks Involved in Using a Password Manager
In deciding if password managers are safe, it is helpful to know the risks involved in using them. Knowledge of these dangers will help you protect your data and have a meaningful course of action should your app get compromised. Here are some of the things that you should know about.
Storing Your Data in Once Place
You have learned above that one of the ways in which password managers are safe is by storing your data in one place. There are advantages and disadvantages to this. On one hand, it is like using a secure vault that only you can access. Only you have the key to your vault so you don’t have to hold on to several keys, risking the possibility of losing them or confusing one with the other. On the other hand, you will be putting all your sensitive data in one place which will give someone access to all of them when compromised. In the event of a breach, you will have to go through the excruciating process of changing every password which will give the hacker enough time to steal the information they want from you. Whether this risk is worth it or not is up to you.
A Backup Feature May Not Be Available
If your password manager application does not offer a backup feature, you may lose all your passwords if their server goes down. This is why it’s vital to keep a backup of your own so you can keep your passwords safe.
Weak Security on Your Devices
No matter how safe your password manager is, if your device has weak security, you are still at risk of being hacked. If a hacker or a bot attacks your device with malware or virus, they would have quick access to your data the minute you type in your master password. This is a risk if you did not install any malware protection on your device. You may want to invest in anti-virus software for your devices.
Poor or Unreliable Password Manager
This is an obvious risk. If you use an unreliable program, it may not even protect your data enough. You will see a list of the most secure password managers below to help you avoid this massive risk.
Losing Your Master Password
Another obvious risk of using this program is when you forget your master password. Although you can always reset it, it can still be risky. It is also highly irritating if you forget your master password. What if you currently don’t have access to your 2FA application, email, or mobile phone? This presents complications especially if you need urgent access to your accounts.
What Are the Most Secure Password Managers?
We have already compiled a list of the best password manager software for secure storage. Some of them are free and others are paid, and all of them offer varying features and levels of security. You may want to take a look at them to find the one that suits your needs best.
But to mention a few, LastPass has been one of the most trusted software and it has lived up to its reputation for several years now. It has a simple and user-friendly interface. Dashlane is also a great password manager that is safe and easy to use. Aside from managing and securing your passwords, it also acts as a digital wallet application.
Here are some considerations when choosing the right password manager for you.
Reputation and Ratings
You might think it’s not that much of a deal but ratings from users actually say a lot about security applications. Read reviews and try to see where each password manager fails and where it succeeds. Though new ones are definitely worth considering, it’s still better to go with those that have been trusted by users and have established that they are reliable and secure.
Layers of Security
As mentioned, no security measure is 100% safe so it’s important that you choose software that has multiple layers of security. Does it have 2FA features? Can it alert you when a password you have created is weak and is prone to be compromised? These are all important factors to consider. You may also want to check if it offers a backup of your passwords and data.
How many passwords can you store using this software? If possible, look for one that allows you to save unlimited passwords even though those may require a subscription or a one-time purchase.
Cloud and Offline Storage
Password managers are safe when they offer both cloud and offline storage. This is in relation to having a backup of your passwords. Browser-based systems often use cloud storage. These are safe and very easy to use since it can fill out your passwords whenever you log in online. One disadvantage is that if you choose one password manager for one browser, it usually cannot sync it with other browsers. You will have to install one for each of them if you’re used to using multiple browsers.
Other important features to look for are browser extensions and auto-save features. It’s also important that the app is user-friendly. If the password manager is not easy to understand, you may be discouraged to use it and just go back to creating weak passwords and compromising your data. Check if the interface is intuitive and does not have a high learning curve.
Pro Tips on Creating Strong Passwords
The most important thing to consider when creating strong passwords is that each one must be unique and not easily guessed. Do not use information that people may already know or easily access like your name, birthday, or even your pet’s names. Here are some parameters that you can follow to create strong passwords.
- Make it a minimum of 12 characters. This is long enough so that even machines or bots cannot easily guess your password. A password with six characters, for example, can be easily cracked by using software that randomizes characters and numbers. The longer your password is, the better just as long as it’s not too long that you can no longer remember it.
- Include multiple variables. Do not just use letters but add numbers, special characters, symbols, and if the website or application allows it, add spaces as well. The more you mix it up, the harder it will be to crack.
- Don’t go for obvious substitutions. For example, if you decide to use your name and your name has the letters O and E, you may be tempted to simply substitute them for the numbers zero and three. That is a very weak password, and even a novice hacker can easily crack it.
Remembering Your Passwords
Given the tips above, it may be hard to remember your passwords since they use a combination of letters, numbers, and symbols. One way of making them memorable, aside from writing them down, is to think of a catchphrase that is related to that specific website or application. However, it must only be obvious to you. Personalize it as much as you can. Think of Facebook, for example. What possible phrases or even sentences will remind you that this particular password is for your Facebook account? If it’s for Instagram, is there a place or a particular memory in mind that you could associate with it?
Be careful that it is not something known in public. Use those memorable phrases, names, or a combination of words and apply the measures stated on the tips above like combining numbers, symbols, and spaces to substitute some of the letters in them. That said, it still wouldn’t hurt to list down your passwords manually. This is as long as you store wherever you wrote it down in a secure place that only you have access to.
When deciding if a password manager is safe and if it’s right for you, remember to think of your personal preferences and needs. One may offer tight security but might not have some features that are important to your work or online habits. In general, password managers are safe if you know how to implement your own security measures. In other words, taking care to follow the security tips in creating not just your master password but also each individual password that you create.