Poor password selection enables many data breaches. Also, poor password protection, such as writing your network password on a sticky note and placing the note on the bottom of your keyboard, practically extends an invitation to allow unauthorized access to sensitive material. Companies and individuals can try many different authentication strategies. For example, multi-factor and two-factor authentication ensures that a user is who they claim to be. However, nothing prevents access like a solid, well-protected password, and nothing protects passwords like a password manager.
6 Benefits of Using a Password Manager
Creating a password that’s memorable can also mean creating a password that’s vulnerable. When you start using a password manager, you no longer have to worry about remembering your passwords. Consider these six benefits of using a password manager:
- They can create passwords for you. The best passwords are long, random combinations of letters, numbers and symbols. In addition to being tough to crack, they’re also tough to remember. Your password management tool can either save a long, complex password that you create or it can generate a virtually airtight password for you at the click of a button.
- They can remind you to change your passwords. In good password manager applications, you’re allowed to set up not only passwords but also an expiration date for passwords. When your passwords expire, you press your password generator button and instantly have a new and equally complex password.
- They keep you from using the same password everywhere. Your name and your birthday are easy to remember, so you’ve made “john1275” your password for bank accounts, your online bill-paying accounts, your credit card accounts and every other conceivable online portal. The password manager fixes this problem by storing multiple passwords. Instead of entering the characters into the “password” field, you click a button, and the program enters the characters for you.
- They provide quick access to URLs, which can avert phishing. In addition to storing your usernames and passwords, your password manager can store your login URLs. Instead of clicking that phishing email that looks like it’s from your credit card company, you can login to your password manager, choose the appropriate website, click the login URL and then click to enter your username and password.
- They foil keyloggers. Pieces of malware called “keyloggers” record keystrokes that you make when typing on your computer. Hackers can then sift through your keystrokes to recover important items that you may have typed, such as your online banking username and password. When you use a password manager, you don’t key in your passwords. You click a button, and the password manager pastes them into the field.
- They keep your secrets. You do use a password or passcode to get into your password manager, but then you only have to remember a single password instead of multiple passwords. When you click the button in your password manager to enter a password on a website or when you login to the manager to edit your password data, the password is hidden behind dots or symbols instead of being pasted onscreen.
Types of Password Management Applications
The least secure type of password manager is cloud-based or Internet based. You click a browser extension or plug-in, and the manager enters your passwords. However, these systems store all of your passwords in one place. If a hacker gets your password manager password, then the hacker has all of your passwords. For more security plus the ease of cloud-based access, choose a password manager that offers two-factor authentication.
You can also use password managers that store your passwords on either your computer or on a USB drive. Hackers rarely go after your hard drive, so computer-stored passwords are probably safer than passwords stored in the cloud. USB drives with password-storing smart cards are expensive, but they’re the safest alternatives as long as you keep your USB drive with you at all times.
Your idea to choose “password” or “p@$$w0Rd” as your password offers an all-access pass to hackers that want your data. The same occurs when you use “qwerty” or “123456.” However, if you have a password manager, even your less-than-creative password choices are much more safe. Plus, you no longer have to worry about balancing “secure” against “memorable.”
About the Author: Cathy Christie provides IT security consulting services.