Password manager: what it is, how it works, what it is for

August 04, 2022
Read
Password manager: what it is, how it works, what it is for

Password manager

Many of you will already be familiar with password managers, or may have just heard of them, yet they are a very useful, if still underestimated, tool. A survey conducted by OnePulse and shared with TechRadar Pro revealed, in fact, that only 27% of 1000 users surveyed recognize the usefulness of this tool, while 26% are in the habit of saving their passwords in ways that are not the same. all safe (for example on Excel or Word files, or even worse on Notepad .txt files).

But what exactly is a password manager? And why should you stop underestimating it? Let's start with a premise: very often, your username and password are the only element between you and an online service where sensitive data, or sensitive information such as bank details and credit card numbers, could be stored. As you can imagine, these passwords can be intercepted in various ways, through database breaches, through malware installed on your computer, and so on. Therefore, the need to find a more secure way to store your passwords is not so far-fetched. But there's more: how many times do we happen to reuse the same username and password combination on multiple sites / services? Maybe out of laziness, or to not have to memorize too many passwords, the fact remains that this is a much more widespread habit than you might imagine. Therefore, the combination "passwords saved in easily intercepted files" plus "passwords repeated on multiple accounts" becomes a potentially explosive mix: let's imagine that a database where your credentials are saved is hacked and a cybercriminal also gets hold of your combination username / password of a given service. Very often, those who get hold of credentials will try to use them on multiple services, relying on the fact that, statistically, it is very likely that that combination will give access to multiple sites. And what if this concerned your personal email? Imagine a reset of your accounts. And believe me when I tell you that many Steam users or other videogame platforms know what I'm talking about. The risk, therefore, is that of seeing entire accounts disappear in which you may have invested a lot of time (and possibly money), or even worse, being intruded on your payment account. A real nightmare, isn't it? This is why we need to rethink the usefulness of password managers.



Having to remember passwords can be really frustrating

What is a password manager and what is it for?

if ( jQuery ("# ​​crm_srl-th_hardware_d_mh2_1"). So, once you have installed the app and configured the service, with a single master password, you will unlock the list of your passwords that you can consult, copy and paste on web pages and applications for logging in. Some of the best password managers allow you to automatically fill in the fields. A nice extra, if you ask me, especially if you want to avoid manually typing a very complex combination of characters or if you have to go and look for your credentials in an endless list of accounts.

Your password manager, though , depending on what you choose, it can offer you much more. Let's first see how it works at a basic level, before delving into any extras to evaluate.

How does your password manager work?

Whether you choose Bitwarden, 1password, Dashlane or one of the password managers possibly integrated into your antivirus package or your subscription to a VPN service, usually a password manager works like this: once installed, a so-called "vault" is generated, a secure destination that can be generated locally, within a folder on your system and / or in the cloud, generally protected by encryption. Therefore, in order to access this sort of digital safe, you will need the combination, or the "master password", a password defined by you when configuring the service, which will allow you to decrypt the vault and access the your list of credentials and passwords. Imagine the vault as a sort of database: each URL will correspond to a set of username and password stored by the password manager upon first access (or after importing a list of passwords from another program, such as your browser). There is usually also a small search engine within your vault, to speed up the identification of the credentials you need. Finally, most of the time, your access data are organized into tabs, within which you can not only consult the data but also modify them on the fly, often with a convenient button to automatically copy the password or user name in the Clipboard.


These, basically, are the functions that you will find on the vast majority of password managers, whether they are free or paid, desktop or mobile. However, some developers offer extras that may make a given password manager even more useful or appealing. Let's see what it is.



Stealing passwords could allow malicious people to access your bank accounts

Password manager - What extra features are worth having?


Another feature not to be underestimated is the verification of the integrity of passwords: have you created a password that does not respect the basic security criteria? Let's face it, at least once we will have created something stupid like "name + date of birth + year of birth", perhaps not at the level of those who literally write "password 123", but still easy enough to recognize, to the point of constituting a possible risk . Well, many password managers will notify you of the presence of passwords that it would be better to change, even better if in combination with the password generator.

Another risk factor, as we said at the beginning, are repeated passwords. Again, many password managers will warn you if you have two or more accounts with the same password.

Rarer, but no less useful, features are automatic changing of weak passwords and network auditing for breaches (a feature we find more often in security suites). Often these are extra levels unlockable with higher level (and therefore more expensive) subscriptions or with more annuities, but it is a plus that could really make a difference for some.

Another interesting aspect, offered by some brands, is the ability to share files and documents via secure links. Something similar to WeTransfer, but, basically, without size limits. Among the companies offering this extra, we mention 1Password which introduced this feature recently. What remains to be considered is whether the service forces recipients to create an account or allows them to download files regardless of whether they have a login. 1Password belongs to the second category, in this case.

Finally, not all password managers offer access to the vault and the master account via multi-factor authentication. For us this is a very important element, because it significantly reduces the risk of being hacked into the main account (it is rare, but it can happen). Having the ability to use a PIN, Windows Hello, fingerprint or face recognition, especially from mobile, should be the norm on all password managers on the market. Unfortunately this is not always the case, but we hope it will become more and more a standard. In your evaluation of one password manager rather than another, evaluate all these additional functions, especially those that are more in line with your needs, however 2FA should always be a fundamental requirement.

Conclusion

Many of us may be inclined to continue with the old method of Word / Excel / Note files, some even may still use pen and notebook. But based on our personal experiences and considering how user friendly password managers are now, we strongly encourage you to reconsider. Using a password manager can help you better manage your online access, adequately differentiate your passwords, make sure you have all your credentials at hand, regardless of the device in use. Online security is an increasingly important factor and, in our opinion, using a password manager is a smart choice.

Of course, the market is literally flooded with password managers - there are all brands and prices , free and premium. Choosing can be difficult, and if you really don't feel like taking a look at our guide above, here is a small recap of the best password managers currently available to you. Our advice is to choose one and start managing your passwords more wisely.




Bitwarden, an outstanding open source password manager

Bitwarden is a great open source password manager that we particularly liked. The free plan itself is really great, with unlimited passwords and devices, and offers two-factor authentication, and reports on possible breaches, as well as apps for major desktop and mobile environments, as well as a huge range of web browsers , including Tor.

SEE OFFER




1Password, a great password manager for teams and families as well

1Password is a password manager who has a particular focus on teams and families. In fact, the company focuses heavily on password protection at the level of the entire family or work team, not only through management and saving on encrypted vaults, but also through tools to combat keyloggers and phishing attempts.

SEE OFFER




Dashlane, one of the best password managers ever

Dashlane is one of the best password managers, available both in free and paid version, but already the free version is quite remarkable. In any case, the Premium version covers unlimited devices, monitors the Dark Web for up to five email addresses, and, among other things, allows you to change weak passwords directly from the app on supported sites.

SEE OFFER

Read also: VPN: what it is, how it works and what it is for




Tags :
Next Article




Powered by Blogger.