Password Managers - How they can make your life easier
20 December 2017
You most certainly are aware of the fact that you should use long and complicated passwords. What is more, you should abstain from using the same password across multiple accounts. Of course, using a different 14-character password for every account you own (and there are usually many of them) makes it almost impossible for you to remember all of your passwords. That is where password managers come in.
A password manager can help you come up with a new password whenever you create a new account. It can also store and manage the many passwords you already own. Some of them even help you fill in login windows, change passwords, or check the strength of your currently used passwords. Think of password managers as your very own security staff that opens and closes doors for you and helps you keep out unwanted visitors. Sounds dreamy, right?
Password managers come in many different flavours: There are stand-alone applications, web browser extensions, and managers built into your operating system. In the following, we present some of the most popular examples and discuss their features.
Built-in tools, e.g. Keychain
MacOS comes with the free and open source password management system Keychain. Keychain files are stored locally on your Mac and passwords and secure notes will be encrypted. With iCloud Keychain, Apple also introduced a tool that functions as secure database, allowing for information to be stored securely for quick access in the iCloud.
Keychain is a useful tool that comes with a built-in password generator in OSX. However, it is limited to one operating system and it lacks advanced features such as sharing passwords with emergency contacts.
Web-based password managers, e.g. OpenID, Microsoft account
OpenID is a single sign-on technique. With this, you have one password that unlocks multiple accounts. OpenID includes various co-operating sites that accept OpenID authentication. Microsoft Account is an example of a service that uses the OpenID framework. It allows users to access various Microsoft services using a single password and the user has the possibility to have a computer remember their login. Microsoft account also makes it possible for users to manage their identity information. For instance, they can update their user’s information, their user settings, change passwords, view billing information, or close accounts.
Generic security issues in OpenID have been reported in the past. A major disadvantage is that these methods require only one passwords and that there is no two-step authentication, which makes it vulnerable for cyber-attacks and phishing. Furthermore, it lacks a password generation functionality.
Free tools with premium tiers, e.g. LastPass
LastPass comes with a web interface, so you can use it on Windows, macOS, Linux, and other Operating systems. It also includes plugins for most web browsers and apps for the major smartphone operating systems. All you have to do is remember one master password and LastPass will take care of the rest. A very nice feature of LastPass is its password entering and form filling function.
I must admit that I have a history of lost or forgotten passwords and it kept annoying me on a regular basis. Since I decided to entrust my password management with LastPass, I can proudly say that the quality of the passwords I use has increased tremendously. LastPass comes with a “Security Challenge” feature that returns an overall score for the quality of your passwords. What is more, it helps you fix and improve weak or duplicate passwords. This tool is easy to use, helps you fill in login windows and comes with a vault where you can store secure notes. If you decide to change your passwords on a regular basis, as it is recommended, LastPass can help you in the process. The time and nerves I save with this tool makes it totally worth paying 2 $ per month. With the payable premium version, LastPass comes with two-step authentication.
Free and open source password manager: KeePass
If you support open source tools, you might want to consider KeePass. It stores your passwords in an encrypted database that you control. Furthermore, they are stored on your own system and will not be synced or uploaded anywhere unless want to migrate them from one machine to another. KeePass also comes with a portable app which enables you to use it on multiple computers. A very nice feature of KeePass is that it can be used cross-platform. It supports Windows, MacOS, and Linux.
If password security is important to you but you do not want to pay for the safety of your passwords, here is a list of free password managers.
A big advantage of online password managers is that your passwords are portable. If your computer is stolen or broken, you can still access your passwords from another device. A major disadvantage of password managers in general is that they are of course a prime target for cyber-attacks. To reduce this risk, we highly recommend using two-stage authentication whenever possible. Still, with an increasing number of online accounts we own, password safety is a major concern and worth looking into. Password managers are easy to use tools that not only help you come up with secure passwords but also assist you in securely storing them. While password managers surely are a target for cyber-attacks, you can increase your password strength significantly by generating them with the password manager and using different passwords for each account.
Interested in further reading on how to increase password strength? Here is comprehensive list of password managers and their features.