2022's best place for Cybersecurity Insights and Advice for Everyone

#1 - Signup to our list and get regular insights and advice on how to be cyber safe.

By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.

Why should you use a Password Manager?

by Cyberguy | Last Updated | June 22, 2022
CyberSecurity - Consumer|CyberSecurity Insights

Why use a password manager? Consumers are more willing to do business digitally today than ever before. Whether they’re opening a bank, mobile phone, or credit card account online, they’re finding the convenience that technology has to offer. Their gateway to those accounts are passwords.

Password Manager Introduction

How many passwords do you have? A study by NordPass revealed that an average Internet user has 100 passwords.

We all have a lot of passwords to handle on a daily basis. We’re all too aware of the huge number of login credentials we have to manage between retail websites, email, social media, and other services.

We now understand why many people use passwords that are easy to guess – they simply can’t remember each and every password they use. It’s not surprising, then, that they use really easy passwords or have a few that they use for all accounts.

The best way to manage and keep secure this  large number of passwords is a password manager.

Do You Have a Password Manager?

A huge number of people in the United States are not taking the essential safeguards to protect their personal information online. This is according to a study by FICO, a leading analytics software company. 

If you’re among the 23% who use an encrypted password manager, you’re on track to securing your information online.

However, if you’re among the 6% who don’t even know whether they use a password manager, you could be headed for trouble. This figure is provided by the 2019 U.S. PaymentsInsights – Technology and Fraud: Consumer Concern is Real.

How Does a Forgotten Password Impact Online Transactions?

One of the biggest headaches facing online users today is the forgotten password

The FICO study shows that 28% of consumers canceled an online transaction while 26% were unable to check their account balance because they forgot their login details.

Forgotten usernames and passwords have also deterred 13% of respondents from opening a new account with an existing provider.

Humans and Passwords

“About a third of online purchases are abandoned at checkout because consumers cannot remember their passwords,” according to a 2017 report released by MasterCard and the University of Oxford.

Passwords are only a small part of the problem, but they are a significant one. Most online vendors, banks, airlines, and other businesses require them but customers can’t remember them all. According to the same report, 51% of people reuse similar passwords.

The study also revealed that after two weeks, 21% of users forget their passwords, and 25% forget one password at least once a day.

#2 So here we are at the middle of the post. We still think it's a good idea to signup.

By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.

What is a Password Manager and What Does It Do for You?

Brief definition of password manager

A password manager is a piece of software that stores and manages login credentials. It can also generate complex passwords. These data are often saved in an encrypted database and protected by a master password.

After you’ve entered all of your account usernames and passwords into the vault, you only have to remember your master password. By entering your master password, you can gain access to your password vault, from which you can retrieve any password you require.

How a password manager works

A password manager relieves you of the burden of memorizing a huge list of strings of uppercase and lowercase letters, numbers, and symbols, allowing you to focus on more important tasks.

Instead of typing your password into a website, you enter your master password into the password manager. The password manager fills in the necessary login information for you automatically. You don’t have to remember what email address, username, or password you used for the website because your password manager takes care of it.

How a Password Manager Works

If you’re creating a new account, your password manager will automatically generate a secure random password for you, so you don’t have to do it yourself. It can also be set up to automatically fill out web forms with information like your address, name, and email address.

For extra protection, three levels of security protect data that include:

To access password information, each personal account needs its own security key. The data is encrypted by the manager, so only accounts with the correct key can see personal information.

Because the master password is not saved on the system, a hacker attempting to obtain it through personal devices is unlikely. The zero knowledge security concept refers to this third layer of security. To hack a personal password manager, a hacker must get past all three protection measures.

Types of password managers

Password managers come in different categories. While some focus on securing your passwords, others go beyond to provide you with more options, such as accessibility and flexibility. 

Following are various types of password managers and their differentiating factors that can help you make an informed decision.

Offline password manager

An offline password manager keeps your passwords on your device. Depending on your preferences, it may be a computer or a smartphone. Your passwords will be stored in an encrypted file separate from the password manager. Some managers also allow you to save each password in a separate file, which considerably improves overall security.

To access your offline vault, you’ll need a master code or password. If it’s a good one, the chances of  hackers breaking into your local database are slim. This is due to the fact that brute-forcing military-grade encryption takes time.

One drawback of an offline password manager is that you can access your vault on only one device. If you lose this device, you lose your vault.

Online password manager

An online password manager is a web-based manager that stores your vault on the Internet. This may be the provider’s server, a browser, the cloud, or a mobile application. This setup allows you to access your passwords from anywhere at any time without having to install any password management software. 

But how can one tell whether the provider has access to their passwords? Zero-knowledge technology is used by a credible online password manager. This means that before sending your data to the server, the system encrypts it on your device.

An online password manager has its own disadvantages. You’ll need an Internet connection to access your vault. Since it’s web-based, it’s vulnerable to hacking especially if it isn’t protected by other security protocols, such as multi-factor authentication.

Token-based password manager

Also called stateless password manager, a token-based password manager uses a piece of hardware, such as a USB device, to store a key to open a particular account. 

There is no password vault to speak of because the password manager generates the passwords anew each time you log in. We recommend using both the token and your master password for added security. You’ll be using two-factor authentication this way.

Because there is no database, stateless password managers don’t require synchronization between your devices. This is also safer because a hacker cannot access all of your passwords. However, if the master password and one account are known, one can hack token-based passwords.

6 Benefits of Using a Password Manager

It can be challenging for folks to remember complex keystroke combinations and make frequent changes. This leads to a lack of security. Using a password manager may be the convenient  solution to your cyber security worries. Here’s why.

1. You’ll just have to remember one master password

Just one. This password will be used to securely log into your vault, where you can access all of your passwords and other login credentials. You’ll have to say goodbye to your sticky notes that can put you into trouble if you misplace them. You won’t even be required to remember any of your passwords because your password manager will do that for you.

2. Password managers generate strong passwords

All of your passwords will be complex and encrypted. You will not have to make every effort to create strong passwords on your own because the software will do so for you. You won’t have to worry about whether your password is strong enough or whether you used the appropriate combination of characters.

There’s no way these passwords will be based on personal information like the name of your dog, or your hobby. These passwords are difficult to crack. They are extremely long, unpredictable, and complicated. They also use numbers, letters, and characters that can only be generated by a computer.

It would be impossible to remember and securely store these long and complex passwords. This is the job of a password manager.

3. Password managers secure more than just passwords

Many password managers allow users to store and manage more than just passwords and logins. 

They can also let you keep your credit card information so that it may be securely autofilled into a checkout form. This eliminates the need to disclose credit card numbers to employees over the phone or in writing, which puts the information at risk of being stolen.

A password manager also keeps track of all your logins, creates audit trails, and generates reports on data usage. These are useful information you’ll need in cases of data breach or identity theft.

4. Password managers allow you to set security protocols for logins

You may set up security standards for your devices with password managers. For safe access to your vault, you can specify the length and difficulty of your master password.

You may also use two-factor authentication to make your passwords even more secure. Some password managers will also prompt you to update your password manager to the most recent version.

5. Your passwords are accessible across all of your devices

Your passwords are accessible on your smartphone, computer, and tablet as long as you know your master password and download the relevant apps.

You can also trust your password manager if you’re on vacation and need to check medical test results or watch your favorite show. Even if all you have with you is your smartphone, you can get the passwords you need. Additionally, if you change the password on one device, it will be accessible on all others.

6. Password managers allow fast access

Password managers allow users to write a single password and have each access point’s username and password automatically filled in. You’ll spend less time struggling with login screens and password recovery and more time doing the things that really matter.

Are There Risks in Using Password Managers?

Passwords are highly secure when stored in a password manager. The only potential weak link is the master password. It’s your only gateway to all your passwords and online accounts. You lose that master code and you’re locked out.

Each password manager company approaches the problem differently. Some providers may be lenient of a lost master password depending on the circumstances. Others have a zero-tolerance policy. If you’ve misplaced your master password, they are unable to assist you. Many other managers adopt the same policy.

Some providers have their own recovery procedures that you must follow. When you sign up, it’s a good idea to familiarize yourself with the recovery process. It may also be necessary to seek professional assistance. Or you might not be able to do anything at all.

What Should You Do if You Forget Your Master Password?

Your master password is one of the most important passwords to remember. The whole point is: it’s easier to remember and secure one excellent, strong password and let the software generate the others.

Depending on the password management you use, forgetting your master password can be simple or difficult to retrieve.

LastPass, for example, has a guide specifically for master password recovery. In short, you can activate a One Time Password (OTP) to access your vault. You’ll need to use a computer you’ve used for LastPass before for security reasons. You’ll also need access to the email account you use for your LastPass account.

Other password management companies are a little more restrictive. These businesses cannot access or grant access to your account. This means that if you forget your master password, your vault will be permanently locked, even if it’s synchronized across your devices or kept in the cloud.

You may be able to access your passwords if you use the company’s mobile apps and have a device PIN set up. You can then copy the passwords and keep  them safe elsewhere.

The mobile apps do not allow you to update your master password. Your only other choice is to establish a new account or reset an existing one in order to keep your email address. However, doing so wipes out all of your account’s data, so you’ll have to start all over.

What Should You Look for in a Password Manager?

If you’re intending to get a password manager, you should look for features that meet your needs. Here are some of them:

Security

Security is critical because you’ll be keeping credentials for all of your accounts, including crucial platforms like banks. Fortunately, password managers use a variety of encryption algorithms to keep your information safe from hackers.

The current industry standard, AES 256-bit encryption, is widely used. For further protection, password managers offer multi-factor authentication via authenticator applications or, in some cases, physical security keys.

End-to-end encryption is also essential to ensure the security of data in transit.

Many password managers use a zero-knowledge storage approach for storing passwords and other personal data to ensure that your data is known only by you. It also guarantees that your data is safe even if your password manager is hit with a security breach.

Secure password generation

A password generator is included in premium password managers. Password generators are necessary and serve an important part in creating unique passwords. This saves a lot of time and effort, and you won’t have to remember all of the password-creation steps.

Password generators also allow you to customize the length of a password. They allow you to determine what characters, numerals, lowercase, and uppercase letters should be included. Some even keep track of the passwords you’ve generated in case you need them later.

Must have features of a Password Manager

Account recovery options

If there is no recovery option, you would lose access to your vault data if you forget it. Given the crucial role of your master password, it’s critical to look into the recovery options provided by a password manager.

There is no standard approach to recovering your account. Different password managers use different methods. Make sure your password manager provides recovery alternatives and that you understand how they function. Even if you forget the master password, recovery options will assist you regain access to your vault.

Device synchronization

When switching devices, automatic synchronization gives you more options. You can switch to another device and instantly access all of your vault’s current information. This is a feature that all popular password managers have.

Autofill function

Password autofill saves time and effort. There’s no need to type usernames and passwords when logging in to your accounts. This is a basic feature of major password managers. 

File storage

You can save more than just passwords. You can keep personal data in your encrypted vault. File storage is often limited to 1GB, and you may have to pay for it. You can also store and secure files, such as credit cards and passports. 

Support for various platforms

A password manager should, at the very least, support the four major platforms: Android, iOS, Windows, and macOS. A password manager should also offer browser extensions for all major browsers, such as Chrome, Firefox, Internet Explorer, and Safari. This makes filling in your information on any login page a breeze.

Vault storage option

Passwords can be stored on your device or in the cloud using a password manager.

While saving your password on your device is appealing, it has drawbacks. If you lose your device, you also lose all of your passwords, which you may not be able to recover depending on the password manager app you have chosen.

Top Password Managers for 2022

Investopedia examined several password managers to determine the best password managers in 2022. They based their analysis on ease of use, reputation, security features, cost, and quality of plans among others. They came up with the following best password managers for 2022:

Best password managers for Windows for 2022

Best password managers for iPhone for 2022

Best Password managers for macOS for 2022

Best password managers for android

Our final thoughts. So, should you use a password manager? Yes, you should. Password managers are essential tools for staying safe online and being more digitally secure with stronger passwords. Using one is also a rare opportunity to make your online life more convenient while being fully protected.

#3 You really should sign up. "Scouts Promise" ... it really will help you stay cyber safe.

By entering your email address you agree to receive emails from EveryDayCyber. We'll respect your privacy and you can unsubscribe at any time.