How to Choose a Secure Password Manager

Zachary Amos, Contributor

 

Everyone is at risk for an online breach. It’s the reality of the modern digital landscape, but taking steps to increase individual protections is the most helpful energy expenditure amid online chaos.

One of the most popular and accessible tools for personal and enterprise use are password managers or vaults. They are a hub where your passwords reside under additional third-party security measures. These systems often have bonus features to increase cybersecurity awareness and hygiene, but are they the best solution for keeping passwords secure?

The Rising Necessity for Password Managers

The ancient method of writing passwords on sticky notes and putting them on your monitor is unsafe. Other methods like keeping them in Excel spreadsheets, recalling them from memory, reusing the same passwords or saving them within browsers all have their respective security

 vulnerabilities that increase over time. Threat actors invent new methods to penetrate secure systems and manipulate users daily.

 

Despite the rise in cyberattacks — especially since the rise of remote work during the COVID-19 pandemic — password creation and storage still need improvement. Traditional password generation and security methods fail to safeguard user accounts and data, so cognizant online users want solutions to keep themselves away from harm.

If there’s a solution people can outsource to add more walls to their security, people will use them. That’s when password managers become a safety staple.

Password managers decrease the friction people have between safe password tracking and creation. Though making lengthy, unique passwords for every account is in everyone’s best interest, most do not do this.

People don’t want to make an effort or can’t remember to house that information in a secure environment. Password managers keep all passwords in one localized spot — usually protected by one master password only the user knows — while providing tools to generate secure passwords automatically. It eliminates every possible excuse users could have to stay safe.

 

The Marks of an Exceptional Password Manager

The intention of password managers is strong, but not all are created equal. Some password managers could be just as vulnerable to threat actors as keeping passwords on an open notepad. Whether you’re switching providers or on the hunt as a first-time user, there are distinctions between top-tier password management software and ones that don’t have as much value. 

The first way to scope the competition is to read more about the company’s overarching security practices and compliance adherence. Those with robust strategies will publicize this information for caring customers. If a business has no public record of its internal cybersecurity, that’s a red flag.

Organizations that hide their practices may have been part of breaches before. Password management companies like LastPass have recently been under fire, losing countless customers to competitors because of a recent breach from unauthorized parties. These occurrences only signal gaps in their security practices. Cross-platform compatibilities — such as phones and mobile devices — signal strong cybersecurity practices because they’re outfitting the program for vulnerabilities unique to these platforms.

Most password managers make users create master passwords to enter their vaults. Good password managers educate users on how to form a strong master password and should verify account holders don’t reuse the password in other vault entries. On top of the master password, companies should allow additional verification features like two-factor authentication and biometrics.

Finally, password managers shouldn’t just keep passwords safe in a vault — they should include additional security features, including but not limited to:

• Automated checks or scans for data breaches associated with accounts in your
• An extensive process to set up a recovery email account in case of
• Low annual or monthly costs to keep cybersecurity accessible to the
• Prompts to change passwords users haven’t adjusted in a long
• Publicized software patches and reactions to modern

 

The Most Notable Password Managers

Bitwarden is one of the least expensive on the market — it’s free, with a premium version of only

$10 annually. They’re known for their transparency, open-source framework and highly

user-friendly interface. It also has an internal messaging feature that keeps information sharing private.

A pricier alternative is 1Password, which costs around $36 a year. It has all the features you would expect from a quality manager. Still, it also has a travel function that temporarily removes the app’s data from your device while traveling between foreign locales. It stores everything from credit cards to keypad codes.

There are also OS-based password management systems like iCloud Keychain and Google Password Manager. The value here is they integrate with your devices, eliminating the need for a third-party application. Both use layered security to protect passwords even when Google or Apple accounts get breached and are known for their high encryption standards and usability.

 

Entrusting Passwords With Third Parties

Giving your password information to an unfamiliar company may sound unsafe, but it’s one of the best lines of defense. Users who choose reliable organizations to handle their information properly decrease security risks significantly. Though a perfect solution doesn’t exist yet to keep passwords impenetrable, selecting a password manager to supplement existing cybersecurity practices will be a solid option.

Tags: Password Manager

Categorised in: Computer Security

This post was written by Megabite