How Reliable Is a Password Manager?

Password managers are an important security measure to have. If you are unaware of what password managers are, this is your chance to learn what they are about. In this guide, we look at password managers and why they are beneficial. Read on as we unfold the details.

What is a password manager?

A password manager allows individuals and businesses to save and manage all their passwords from one safe space. Users are thus no longer required to remember multiple passwords. All they have to remember is their master password, which unlocks their password manager. Most password managers are accessible across different platforms and devices, making password management hassle-free.

How does a password manager work?

Password managers should ensure that the data you store is only accessible to you. This is made possible using the zero-knowledge architecture that most password managers adopt. This architecture ensures your data gets encrypted and decrypted on the client side using your master password.

This password is known only to you and is not stored anywhere on the password manager’s servers, ensuring that only you can access the data in your vault at any given time. Even if your password manager were to suffer a cyberattack, the attacker would not be able to view any of your passwords in plain text without access to your master password.

Types of Password Managers

There are multiple ways to categorize password managers. However, this time we want to present three technologies and explain how they work. We must also point out that some providers offer multiple methods to save your data. Most of them will require you to use a master password that protects your vault.

Here are the three types of password managers:

  • Locally installed or offline password managers
  • Web-based or online password manager services
  • Stateless or token-based password managers

Let’s explore each of them more thoroughly.

Locally installed or offline password managers

As the name implies, locally installed password managers, also known as offline password managers, store your data on your device. It can be your computer or a smartphone, depending on your preference. Your passwords are kept in an encrypted file, separate from the password manager itself. Some managers also allow storing each password in a separate file, greatly increasing overall security.

As always, you need a master password to access your offline vault. If it’s a strong one, there’s a minimal chance that either the government or some hackers will break into your local database. That’s because brute-forcing military-grade encryption requires a significant amount of time. What’s more, if you keep that device with all passwords offline, there’s no way to access it without seizing it.

Naturally, offline password managers have some inherent flaws. For starters, using them on multiple devices might prove challenging. There’s only one location, and other devices somehow have to sync with the one that has the vault. It usually means having your device with the locally installed password manager online, so it becomes accessible to third parties. Finally, if the device with your offline password manager breaks down and you have no backup, be ready for some tedious manual labor.

If you have an offline or locally installed password manager, then your passwords are stored locally! To be more precise, they are on the device that you’ve chosen for your vault. However, it is possible to synchronize the passwords between multiple devices, which means all of them must be online. If you want even more security, you can save your passwords in different files, requiring a unique key for each.

Web-based or online password manager services

By far the most popular type, web-based password managers store your passwords in the cloud, which is usually the provider’s server. Such a setup means that you can access your passwords from anywhere at any time, without the need to install the online password manager software. If accessing your vault via a web application is not possible, you would only need a browser extension or a mobile app.

But how can one know whether their passwords are accessible to the provider? Well, all reputable online password managers use zero-knowledge technology. It means that they encrypt the data on your device before sending it to the server. Being online also means that your vault is exposed to access attempts by third parties 24/7. What’s more, all security measures mean nothing if there’s keylogger malware on your device and you’re not using two-factor authentication.

Finally, you should expect to pay for a web-based password manager. There are great free versions to choose from, but some features like device limit or dark web scanning will always be premium. That said, most paid online password managers will not break the bank, especially if you commit long-term.

Chances are you went for the online (or web-based) password manager. In this case, your passwords are stored online! Your vault is on the provider’s server, available 24/7 to you from anywhere as long as you have the master password. You don’t even need to install the password manager client – most of the time, a browser extension will suffice. Sometimes you can access the vault via a web application available on the provider’s website.

Stateless or token-based password managers

Last on the list are token-based or stateless password managers. In this scenario, a local piece of hardware, such as a USB flash drive, contains a key to unlock your particular account. There’s also no such thing as a password vault because the password manager generates the passwords anew every time you log in. For additional safety, we recommend using not only the token but your master password too. This way, you’ll be implementing two-factor authentication.

Stateless password managers don’t require synchronization between your devices because there’s no database in the first place. In a way, that’s also safer because there’s no place where a hacker can find all your passwords. However, an attacker can compromise token-based passwords if they know the master password and one account.

Unlike online password managers, these are usually free and open-source. For that reason they are not particularly recommended for amateur users, as all the support they get will come from forums and knowledge bases. On top of that, you will need a smart card reader or a USB stick to generate tokens.

And if you find yourself with a token-based password manager (also known as a stateless password manager), that means your passwords are stored nowhere! How can it be so? Well, as the name implies, there’s no password vault, only token generation whenever you access a specific account. One can generate a token on an external device, such as a USB stick.
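How a stateless manager can hand back the same password without a vault, as an added sketch that is not the code of any specific tool: each password is recomputed from the master password, a secret read from the token, and the account details. The function name, alphabet, iteration count and the rotation counter are assumptions made for this example.

```python
import hashlib
import hmac
import string

ALPHABET = string.ascii_letters + string.digits + "!#$%&*+-=?@_"  # 74 symbols
ITERATIONS = 200_000  # assumed PBKDF2 work factor for this sketch

def site_password(master_password: str, token_secret: bytes, site: str,
                  login: str, counter: int = 1, length: int = 20) -> str:
    """Re-derive one account's password; nothing is written to disk."""
    # Both factors are needed: the secret read from the token salts the
    # slow stretch of the memorised master password.
    seed = hashlib.pbkdf2_hmac("sha256", master_password.encode(),
                               token_secret, ITERATIONS)
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    fields = (site.lower().encode(), login.encode(), str(counter).encode())
    context = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    # Rejection sampling: drop bytes >= limit so every symbol is equally likely.
    limit = 256 - 256 % len(ALPHABET)
    chars, block = [], 0
    while len(chars) < length:
        digest = hmac.new(seed, context + block.to_bytes(4, "big"),
                          hashlib.sha256).digest()
        chars.extend(ALPHABET[b % len(ALPHABET)] for b in digest if b < limit)
        block += 1
    return "".join(chars[:length])

if __name__ == "__main__":
    token = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample
    print(site_password("correct horse battery staple", token, "mail.example", "alice"))
    # Bumping the counter rotates the password without storing the old one.
    print(site_password("correct horse battery staple", token, "mail.example", "alice", counter=2))
```

Because every password is a pure function of the two secrets, anyone holding both the master password and the token secret can regenerate all of them, which is why the two factors need to be protected separately.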

What can a password manager do for your enterprise?

Any basic password manager can act as more than just an easy-access repository for passwords. It can help teams and individuals:

  • Avoid password-based cyber threats for their personal and work accounts
  • Improve user productivity by automating the authentication process
  • Save time, effort, and money spent on creating and resetting passwords

Benefits of a password manager

One password to rule them all

A password manager stores all your passwords in a single account. The master password to your safe is the only password you’ll ever need to remember. To take security up to the next level, you can link your password manager with your biometrics, so you only need to use your fingerprint to access the passwords.

Generate random passwords

Password managers can generate random passwords for each of your accounts. Password cracking programs are designed to guess the most common passwords first, so completely random passwords will always be far stronger than those you come up with off the top of your head.

Simple access to multiple accounts

You can log in to accounts easily. Once you sign up for a password manager, you can install a browser extension that will autofill logins for you while still storing them securely.

Easily change your passwords

Password managers make changing or resetting passwords a breeze. If a website you have an account with has been hacked, you can stay secure by using a built-in password generator to create a new password.

Some password managers can even reset your passwords with the click of a button. You can also choose to change all your passwords periodically for optimal security.

Use the convenient autofill feature

You can still use the form autofill feature when you have a password safe. Instead of letting your web browser save your form information, entrust your password manager to store your personal details safely.

Share passwords securely

You can share passwords to joint accounts with family or co-workers. Of course, it’s generally not recommended you give away your personal passwords, but for shared accounts, a password manager gives you the option to control who has access to passwords.

Store more than just passwords

Answers to security questions, shopping profiles, memberships, and medical prescriptions are just a few examples of additional information that can be stored securely in your password safe.

Buyer’s guide for Password Managers

Each password manager works a little differently and offers different features. The first step is to identify your needs and, more importantly, your weaknesses. Are you good at coming up with unique passwords, but bad at remembering to update them? Or maybe you’re good at remembering to change your passwords but prone to using obvious ones that any savvy hacker could figure out.

Identifying where you need the most assistance is the first step in finding the right password manager for you. That said, here’s a list of features to look for that can help all internet users stay on top of their password game and keep them safe from security threats:

  • Password generator
  • Password strength reports
  • 2-factor authentication
  • Auto-fill web forms
  • Password management for apps
  • Password management for offline passwords (such as ATM passwords)
  • Automated password change features
  • Password syncing across multiple devices

Conclusion

To conclude, password managers store your passwords in one of two places: the company’s cloud-based server or a vault created on your device. The cloud-based option tends to be more popular, as the vault can be accessed from any device and will be secure even if a computer is lost or stops working. However, some people are more comfortable storing their details away from the cloud. Whichever option you think is OK should be stated.
