Passwords, the very text combination that secure accounts in the modern days of the internet.
People may have too many passwords to remember. Among other reasons, this is why some may use the same password for different accounts, use easy-to-remember passwords, or simply scribble them in a piece of paper or type them inside an app.
All too convenience? No.
Never ever sacrifice security for convenience.
People are urged to generate passwords that use a combination of words and numbers and symbols. This should make passwords a lot more difficult to track. But since remembering them is difficult, people are advised to use password managers.
Even though it’s not surprising to hear the question “are password managers safe to use?”, the vast majority of cybersecurity experts agree that password managers are indeed the most secure way to protect passwords.
With a password manager, users only need to remember one master password. Use that master password to unlock other passwords that are stored within it. This is why password managers are essential for everyone.
But then comes the question about which password manager to use, or choosing which one is the best.
Some people may have their own favorites. Or others looking to find one.
The truth is, any can do.
Experts agree that people can feel confident with nearly any of them.
The most important thing about password managers, is to use one rather than to choose which one. Any password manager is better than not using any password manager.
The reason is because the differences among password managers are, for the most part, minimal.
For example, some password managers allow syncing across different devices and others don't; some have special features for traveling, while others have slightly enhanced security. Some can remind users to change the passwords regularly and evaluate their strength, whole others can scan the web to check if any of users' logins appeared online.
While any password managers should do most of the job nicely, it's wise to choose password managers that have faced, and also have quickly responded to outside security scrutiny.
The biggest fear of people using password managers is that saving all their passwords in one account with a single password would make them feel more vulnerable to data theft.
That is true.
But having one strong password to protect all other passwords, in a way that encompasses both security and convenience, far outwit the safety of using no password manager at all.
Generally, password managers use sophisticated encryption to protect passwords. Using the industry standard that’s also used by the military, password managers can boast their exceptional strength.
In most cases, it would take more than a lifetime to crack this cipher, so a brute-force attack has a near-zero chance of success.
What's more, password managers use zero-knowledge architecture, which means that users' passwords are encrypted before they leave their device
For people who just need an extra layer of security, they may want to salt their password, meaning that they have to store the passwords inside a password manager, but have a special code they have to know to add into each password that isn't stored inside the password manager.
This way, even when the master password is cracked, hackers won't be able to access any of the accounts, since only the owner know the extra characters.
Having said that, it’s also recommended to also use two-factor authentication (2FA) to enhance safety. Using biometric authentication, such as fingerprint or face scan, can also help.
The Risks of Using Password Managers
While using any password manager is better than using none, there is no way to stay 100% safe online. Even if people use the most powerful and the most reliable password, manager, there are certain risks they should know about:
- All sensitive data in one place: Using password managers is like putting all eggs in one basket. In case of a breach, blocking all accounts and changing all of the stolen passwords can take time.
- Backup is not always possible: Not all password managers offer backup feature, not all have syncing ability, and server issues can happen.
- Not all devices are secured: While password managers can be secured, the device they are installed on, may not. Hackers can exploit systems by infecting them with malware. And this can allow them to record any keyboard activities.
- Forgetting the master password: Password managers require users to remember the master password at all times. Forgetting that master password is not an option.
As seen from the above, it can be noted that some of the risks stem from the password managers themselves. However, others exist solely because of users’ behavior.
This is why, and again, using any password manager is better than not using any at all.
In a world where things are digitized, where people may have accounts for different purposes, there should be a balance between convenience and safety. And password managers should do the job perfectly for most people, if done right.