Featured image of post Why to use a Password Manager?

Why to use a Password Manager?

This post will tell you basics about password managers and why should you use them.

What is a password manager?

Password manager - a software that can store, retrieve, manage and generate passwords. It can help you to improve your security, by not reusing your passwords on multiple websites, and makes your login process much faster, since you only need to remember one secure password from your vault.

There are existing a variety of password managers. from password manager which stores passwords locally, to online password manager which stores passwords online. As from google and other companies, that is an open source ones.

Why should I use a password manager?

The reason is simple: to improve your digital security!

People are simple beings, we can’t think of something really secure, that can’t be easily hacked by a computer or a person that knows important information about us.

Most people are still using passwords like: 12345678, password1, and so on. In the internet, there are available a list of the most common passwords. Of course it’s not secure, since all of them already available in password dictionaries, so your password can be guessed in seconds! But some will use they date of birth, some will use their name, maybe add a minor change to their password, but it is still very unsecure.

Also it is not secure to store your password in a plaintext on your pc and even worse to store it on post note. You will never know when a bad actor has accessed your device or a one of your guests will find and steal your password.

If you are reusing your password on multiple websites, even if one website had a leak of its user database, bad actors will have access to all your accounts with the same password!

It’s recommended to use 2FA for all your accounts, but it’s still not a one solution for all the security problems. because a strong and random password will still be better than a bad one with 2FA.

What Are Important Password Manager Features?

This may vary by person, and personal needs. But here are some of the most important ones:

  • Easy to use - Password manager should be user friendly and easy to use, and also you should be able to easily use it on any device.
  • Secure - Security is very important, especially for a place where all you keys to your digital life are stored. Password manager should be able to encrypt and decrypt your password in a secure way.
  • Easy to manage - You should easily manage your passwords for different websites.
  • Generate - It should be easy to generate a random and secure password and save it in a vault.
  • Warnings - Preferably, it’s should be known when and what websites are leaked your password, so you can be aware of it and change it in time.

Why not to use a browser password manager?

We will take a google (chrome) password manager as an example.

There are a good things like:

  • It’s easy to use.
  • You can use it on any device, where are google services or google chrome are available.
  • It’s syncing with your google account, and everyone has one.

But I would not recommended it to store a passwords, because of the following reasons:

  • You cannot easily export your passwords to another place.
  • It’s as secure as your google account, so if its get hacked, you will lose all your information!
  • You cannot to organize your passwords as you like.
  • There are many stealers that can get on your pc, and steal all your browser data, including your passwords.
  • Chrome doesn’t verify your identity to show a password if there isn’t a password set on your pc.

What password manager to choose?

It depends on your needs, and personal preferences. But I recommend to use BitWarden password manager. It’s one of the most popular and secure password managers. They are offering a Hosted instance on their website and you can use another provider like hostux. Also it can be easily self-hosted via something like VaultWarden.

Of course you can use an offline password manager like keepassxc. It’s should be more secure than an online password manager, since all your data are stored locally only on your device, but when are you using multiple devices, it’s may be a challenge to keep your password database in sync.

Many people using and paying for online password managers like LastPass, DashLane, Proton Password Manager, and others. But it can be as bad, as using a browser password manager. For example there were a multiple lastpass hacks, as recent as of 2022! But a self-hosted password manager can be additionally secured by using a VPN to connect to it or only using it on a home network, without a public access, so you will get all the benefits of an online password manager and security of an offline one.

And there are many, many others. So you will definitely find one for you! even on the first page of google search.

The future

As of now, more and more websites and services are allowing to use of Passkeys. It’s a locally stored encrypted token, that only a website knows, so it can verify your login without a password. And the best part - it’s impossible to hack. Many password managers have begun implementing support for passkeys so that you don’t have to remember anything at all and have a benefit of easily syncing it between devices.

But again, as always, it’s not a definitive solution for all the security problems.

Conclusion

I hope that now you have a good idea of what is a password manager and why should you use it. What password manager to choose. And this post will help one, that suits your specific needs.