Password security is important but not everyone has good password habits. In a global survey, 75% of employees admitted to reusing passwords across their personal and work accounts. This is problematic and can put organizations at risk. One of the ways people solve this problem is by using password managers. But are password managers safe?
What is a Password Manager?
Password managers are programs that store and manage your passwords across all your accounts. Password managers store your passwords in an encrypted database that can only be accessed through a master password.
What are the benefits?
Convenience: Password managers make accessing your accounts easier because you only need to remember the master password. This eliminates the headache of having to remember several different passwords for each of your accounts.
Secure passwords: Password managers can generate random, unique passwords for each of your accounts, removing the effort needed to come up with a different password each time. This is done through encryption algorithms that use a combination of symbols, numbers and upper and lowercase letters. As a result, your passwords are harder to guess, which makes them more secure.
Easy to use: Password managers can lead to a seamless user experience. Some managers can autofill your credentials, meaning they can recognize the URL of a website and enter the corresponding credentials automatically. This can help prevent you from entering your credentials into a fake website.
What Are the Risks?
They’re targets: Although password manager databases are encrypted, they are still vulnerable. Due to the important information they house, they are prime targets for hackers. Password manager Blur recently disclosed a breach that exposed information of 2.4 million users, including their encrypted Blur passwords.
Putting your eggs in one basket: When you use a password manager, you are relying on one program to house access to all your accounts. This means that if your password manager gets hacked, all your passwords are exposed. Similarly, forgetting your master password means losing access to all your passwords.
Autofill: Most password managers use autofill to make it easier for users to log in. The downside of autofill is that it remains a big security risk. Research has found that saved information can be accessed through invisible log in forms that trick your browser into filling your personal information.
Do I Need a Password Manager?
Overall, password managers are considered to be more secure than storing your passwords in a computer file or writing them down. Unlike browser-based password storage, password managers are encrypted, making it harder for outside parties to view your credentials. If you decide to use a password manager, you need to make sure you understand the pros and the cons.
Make sure you do your research when deciding on using a password manager. Some highly recommended password managers are KeePass, 1Password, and Dashlane.
When it comes to security, you should not just be relying on a password manager to keep your accounts safe. It’s still important to use multi-factor authentication and a blend of threat defence techniques (such as email and firewall security solutions) to protect against malware.