Every person who uses the internet no doubt subscribes to at least a few services that require a password to allow access. From emails to shopping catalogs to your bank account, you need a password or pin to keep unwanted visitors out of your account. The effectiveness of your password determines how secure your account is. Generally, IT specialists recommend a long password that uses a mix of letters, numbers, and symbols, uses capitalization and uses a phrase rather than a single word. They suggest that you use separate passwords for each of your accounts so that a breach of one does not compromise your other accounts.
This advice follows observations made by IT specialists on people’s behavior when it comes to creating and using passwords. Some studies show that many people commonly use some passwords. They include qwerty, asdfghjkl, password1, and 123456. Not surprising then is the fact that these are the first passwords hackers test. The second bad habit is the reusing of passwords on multiple accounts. This is dangerous because if a hacker cracks the password in one of your accounts, they can access your other accounts with similar passwords.
The problem with the advice concerning coming up with secure passwords is that you will end up with several complicated passwords you need to remember. Unless you are a savant, you will have a hard time trying to memorize many different unique passwords and keeping up with which account each password belongs to—cue in password managers. A password manager will save your login credentials for each account and auto-fill them the next time you visit the website.
Built-in web browser password managers
Some browsers, like Chrome, Firefox, and Safari, are designed with built-in password managers. Whenever you log in to a new account, they ask you if you want to save the login credentials in their database. If the browser requires you to log in, this option is even better as you can access the saved passwords form different devices. The advantage of built-in browser password managers is that they are free. Your data is secured by the same encryption and multifactor authentication features used by your email, device, or cloud storage security features. The disadvantages are that your passwords are only saved on that browser and that their features tend to be rudimentary (compared to a specialized password manager) and quickly become outdated. Furthermore, they typically don’t have a sharing feature.
Third-party password managers
A third-party password manager is a service you pay for that manages your passwords for you. Even though built-in browser password managers can also generate passwords for you, third party password managers allow you to customize your generated password, for example, by length and number of symbols. Other advantages include the fact that they allow for installing the password manager extension on browsers like Firefox and Chrome. This means that you are sorted whether you are using your usual browser or not.
Furthermore, a full-featured password manager can store data for multifactor authorization and generally has more robust encryption than browser-based managers. Some even have vaults where you can store sensitive documents and allow sharing so you can share your credentials with authorized members such as family or staff. One downside is that one manager has access to all your passwords, so if it is compromised, you are in trouble. Another disadvantage is you can lose all your passwords if you forget your master password. Generally, the price you pay for the password management service is worth the quality of service you receive.
Companies and websites are hacked all the time. It used to be a rare occurrence in the past, but now it’s something normal. For security purposes, company websites these days salt and hash passwords using cryptographic ciphers. Salting means adding random bits to your password. Hashing means creating a digital fingerprint to represent your password. A hacker with enough processing power and enough motivation can crack hashed data given enough time. Generally, a secure password like the ones listed above will take a shorter time to crack than a strong password.
Typically, hackers extract data during hacks then disappear for a few months. In this period, they are usually trying to crack the data to obtain useful information. How strong a cryptographic cipher the website uses is a factor in how easy your data is to break. Also, if your password is ‘password,’ it will be cracked much faster than if it is ‘G33ydk2qB#^KUh5N’ or another string of random gibberish. This extra work you put the hacker through buys the website time to discover the hack, investigate it, and finally report it.
As was mentioned, a password manager will help you formulate strong passwords, and it will also store them for you. So how do you select the correct password manager for you? Here are some tips
- Check their reputation – You don’t want a password manager with security flaws or that frequently gets hacked. You can search for the name + words like ‘security flaws’ or ‘hacked’ to get a preview of their background.
- Platform support – The right platform should offer a platform that integrates with multiple operating systems.
- Secure encryption – Your password manager should encrypt your passwords using a strong cipher.
- Browser support- You want a password manager that integrates with many browsers. You can check the browser’s extension store to see if the browser has an extension for your password manager.
- Syncing – Your password manager should be able to sync your data through services like Dropbox. You don’t want to change your password in one device and manually do it to all your devices.
- Security audit- A good password manager should tell you which of your passwords are old, duplicated, or week that way; you update them accordingly.
These are a few ways you can assess the available password managers when you want to settle on one.
You can also visit links like https://nordpass.com/download/firefox/, where you can find browser-specific extensions.