What Are Password Managers?
If you don’t want to go to the bother of learning your passwords then using a password manager may be a good solution for you.
Password managers provide a storage area on your device where you can record all of your passwords, and this storage area will be protected by a master password that you set. Some password managers will automatically fill in forms on websites for you, this makes using passwords for logins very easy. The big attraction of using password managers is that you will only have one password that you need to remember rather than many. This also makes it very easy for you to use very strong passwords and to use different passwords for every website, because you do not have to remember them yourself.
Whilst password managers are very convenient to use there are some risks that you need to think about. The main risk is that if anyone gets access to your master password then they can potentially get access to all of your confidential information. So you will need a strong master password and you will need to keep it very safe.
There is also the risk that if you always use a password manager then you never get into the habit of learning the passwords yourself. If for any reason the password manager does not work or it is unavailable then you can become lost and unable to log into anything. For this reason you need to be sure that you will never forget your master password for the manager.
And it is possible that the password manager may forget or corrupt your information. This may seem unlikely but like anything to do with computers, password managers can go wrong. In fact it has happened to me on two occasions in the last year.. On the first occasion a manager garbled passwords whilst syncing information between a PC and mobile, and on the second occasion the supplier’s software upgrade caused the program to forget everything. So you need to ensure that your password manager creates backup files, or to take a backup yourself by some other means.
Selecting a Password Manager
There are a many password management programs available for PC’s and mobiles and in selecting one to use you need to look out for the following features.
It is very important that the password manager keeps all of your information in a securely encoded or encrypted form so that no-one else can read it. You don’t want give away all of your information if you lose your mobile, or if your computer gets broken into.
A password manager is most useful when it allows you to carry all of your passwords on your mobile, as well as storing them on your PC. So you need to look for software that will run on both your mobile and your PC, and that will keep a copy of your passwords on both.
It’s essential that your passwords are stored in more than one place, so that if you lose your mobile, or your PC breaks down you will not lose all of your passwords. To be even safer select a password manager that will create backup files, and make sure that you create backups regularly.
Most password managers will allow you to keep other confidential information on them, such as phone contacts, notes, passport details and so on. This is a very useful feature to have.
Because you are relying on the software supplier to have good encryption systems, to keep your data safe, and to not go out of business it is best to use well established suppliers with a large user base.
Where are your passwords stored?
A further issue to consider when selecting a password manager is where your password data will be stored.
Some managers only store the data on your PC and mobile. This means that the data is always under your control and can only be accessed by someone who uses your PC or mobile.
There are also password managers that store your data on the internet, or that use the internet to copy and sync data between your devices. These are often known as ‘cloud’ based services. The big advantage of these systems is that you can access your passwords on any computer or mobile, provided you have an internet connection.
In a cloud based system the data is no longer stored under your direct control. You may be concerned that a hacker could break into the data on the internet and steal your passwords without you knowing. Whilst this is possible, the risk of it actually happening is small if you use a reputable supplier. A hacker would have to get through the supplier’s defences, and even then your password data would be in a file that is encrypted with your own password and that should be almost impossible to break into.
Another risk with cloud based services is that if you accidentally give away your master password for the service then someone might be able to login from anywhere and read all of your passwords. This may well be more likely than the risk of your cloud service being hacked.
One way to minimise the risk of your password manager being hacked is to use a password system as discussed in the page on passwords. Using such a system allows you to only record reminders for your passwords, which will be useless to anyone who does manage to break into your password manager.