Password managers aren’t exactly a new idea, but in recent years their popularity has increased dramatically as everyone creates an ever expanding amount of online profiles, and accounts across the internet. These days it’s not uncommon for a person to have dozens of logins that enable access to financial institutions, online stores, and social media sites and etc.
Password managers promise to help manage the plethora of data by keeping it in one place as well as generating strong passwords to accompany each login. All you have to do is remember the master password, and the password manager will do the rest.
But what happens if the password manager suffers a security breach?
That’s exactly what happened last month to LastPass, a popular, cross-platform password manager. It’s bad enough when one of your accounts is compromised, so i am sure you can imagine the conern from everyone when LastPass announced they had been the victim of a hack that exposed users’ email addresses, encrypted passwords, and cleartext reminder hints.
Single Point of Failure
Password managers can be some of the biggest targets for hacks on the internet, because if someone is able to breach one enough then they have thousands, potentially millions of people’s “digital keys” and can take over their online lives.
Security conscious companies will require employees to change their passwords every 90-120 days, and strong passwords are strictly enforced. Not allowing users to reuse any of the last 10 passwords, So many employees of those companies just write down their password on a Post it note and stick it to their monitor, or under their keyboard.
But are Password Managers Safe?
Probably so, if used correctly. They are definitely safer than many of the so-called crafty places people come up with to hide their password near their desks.
I’ve personally used LastPass across multiple devices for a number of years, and if you’re considering using any password manager i would strongly encourage you to heed the following advice:
- Make sure you’re operating a virus and malware-free computer. Keep your Ant-Virus updated and don’t click on suspect links.
- This one is critical, Enable multi-factor authentication, this gives you another strong layer of security in the event of a security breach.
- Secure your mobile devices with passwords, PINs, or pattern locks.
- Memorize a strong master password(the longer, the better, complexity doesn’t actually matter much) for the password manager.
- Your password manager login should timeout after minutes of inactivity.
What have been your experiences with password managers? Have they made your life easier?