Estimated reading time: 6 minutes
Password managers help make life easier by being able to store and protect all chosen passwords for an individual. But are they as safe as we believe? Since breaches occur much more frequently, it makes sense to delve deeper into their security.
The Password Manager Predicament
That was my initial reaction to password managers ā another fantastic tool for protecting myself on the Internet, Last but not least, I could gather all my passwords into a single application, create new ones as complicated as I wanted and forget the problem. However, I still maintain the use of two different password managers for two distinct purposes. But over time, I started wondering: are password managers as effective as the companies suggest them to be?
As much as I hate to say it, password managers have made my life a lot easier, and as a rule, they are quite popular among IT gurus. But like with any technology coming, they have their drawbacks. And if youāre using one (or thinking about it), itās important to know the benefits and the risks.
The Case for Password Managers
Letās start with the obvious: It is easy to make use of password managers as something like this. It can create new powerful and exclusive passwords for all the accounts, memorize them and complete the forms by entering them when necessary. And when you deal with dozens, if not hundreds, of accounts, that is a real plus. Well, which one of us can remember all those logins?
Plus, theyāre great for preventing people from using the same password for multiple websites, which while most of us know we shouldnāt do, most of us often do. Rather than just iterate through different forms of the previous password a manager can just regurgitate a string of symbols.
Thatās why security experts recommend them and thatās why I still use them myself. Both online such as LastPass and offline such as Enpass, they all work behind the scenes as you would wish. Password managers also have some measures of security that make it impossible for hackers to break into them. But is that enough?
The Security Risks No One Talks About
Thatās really where the story begins to develop. With password managers being mostly secure, it does not mean that it shall not be breached. I began doing this more after reading about the LastPass breach where in 2022, both encrypted and unencrypted information was taken. Of course, even the encrypted data isnāt safe from hackers if the latter can get their hands on it.
Phishing is another big one. This is where having an exceptional password comes in handy even with a password manager because you can still be conned into revealing your login credentials a tricky thing to do but can happen. If you fall for a phishing site you enter your credentials and your password manager completes it, guess what? Itās a wrap; the attackers got your details. It is somewhat like leaving your key in the door and then allowing the intruder to come into your house.
And letās not forget human error. The security of a password manager is only as good as your master password. If you set something weak or, worse, write it down somewhere unsecured, youāre practically opening the vault for anyone who gets hold of it. I even caught myself thinking, “Should I have made that master password longer?”
Are Password Managers the Right Solution for Everyone?
Hereās the thing: Although the PW manager is efficient and effective, it is also deceived in application sometimes. Looking at them to deceive is possible, and though you might feel like you are bulletproof when using one, you are not.
For example, there is an online manager for significant everyday issues, and an offline manager, for rather important and more significant-seeming matters. In general, cloud-based managers are safe but out of extra precaution, I prefer to take some files offline. Despite such high levels of encryption, the question is often one where it is about how much convenience you are willing to trade for the level of trust you have in third parties.
As we have read there is this master password vulnerability that I mentioned above. Suppose, you have stored all the passwords for all accounts on a single platform and open them through a master password. If that master password is lost or in other terms, becomes an easy target for hackers, everything is for the taking.
Also Read
Are There Alternatives to Password Managers?
Well, then what are the other options available? No, there are some related solutions, which can provide you with the additional level of protection, however. What is picking up some steam is passkeysāa kinder, gentler sibling to passwords that are phishing-resistant by design. Already, applications from Google, Microsoft, and Apple are implementing this, and the future may be password-less.
Two-factor authentication also known as 2FA isnāt far behind, however. This should go without saying, regardless of whether or not youāre employing the services of a password manager. For instance, even if someone gets your master password, 2FA deny access to the account or system. I practice 2FA wherever possible because yes, it is an extra step, but the gain in security is worth it.
Finally, if you still have some doubts about cloud-based managers, you can also use an offline one. Itās a bit more time-consuming, though your data is not processed in a third-party server that is waiting for a leak.
Okay, Let me address this; are password managers as secure as people think they are? The answer to this no-brainer question is; that it depends, just like most things in the technology industry. Itās a great tool for managing your online security but it has to be understood that relics arenāt perfect. However, you must always consider what you are using and augment it with other security layers such as 2FA.
Overall, password managers donāt complicate anything and I am still a huge supporter of them. But using them alone can put anyone at risk of potential danger. So, use them properly stay careful, and do not forget that master password ā at least that was the advice of Passmo.
Discover more from News Round The Clock
Subscribe to get the latest posts sent to your email.
