Knowledge Hub

Yes, ‘Password Managers’ are safe. Here’s all you need to know

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on whatsapp

Passwords are an annoying but increasingly necessary part of your digital life. Cybersecurity experts recommend that one should create unique and complex password for every single account with a combination of letters, numbers and special characters. This does help to improve the security of your account, however, trying to remember a long list of passwords is a recipe for insanity. Thankfully, there are password managers!


Also Read: Beware of These Cyber Threat Actors in 2022


What is a ‘Password Manager’ and how does it work?

A password manager is a computer program that allows users to store, generate, and manage their passwords for local applications and online services. It encrypts your password database with a master password — the master password is the only one you have to remember.

It’s basically an app on your phone, tablet, or computer that stores your passwords, so you don’t need to remember them. Once you’ve logged into the password manager using a master’ password, it will generate and remember your passwords for all your online accounts. Many password managers can also enter your passwords into websites and apps automatically, so you don’t even have to type them in every time you log in.

There are two key types of password managers. First one is to use a device-based manager that stores and manages the passwords locally. The immediate risk with such password manager is that if the device is corrupted, lost or otherwise inaccessible, access to the passwords is lost as well. The second and most preferred type is a cloud-based password manager that’s accessible from anywhere and can be easily shared across devices.

What are the key features of password managers?

  • Industry-standard encryption
  • Security questions and answers
  • Encrypted file storage vaults for your financial and other sensitive data
  • Site and password breach alerts
  • Syncing across multiple devices
  • Assistance to change old passwords automatically
  • Auto-fill information on forms
  • Two-factor authentication (2FA) or multi-factor authentication (MFA)
  • Fingerprint and facial recognition

Are they safe?

You may be wondering, can’t password managers be hacked too? The quick answer is ‘yes’, but still password managers are far safer than not using one. The information in your password manager is encrypted. Most password managers do not store or have any access to your master password or the encrypted information in your password database. Further, deciphering that encryption is extremely difficult even if the system is hacked.

As an additional precaution, you should ensure that you set up multi-factor authentication (MFA) such as biometric, SMS/email-based one-time password, etc. Some of the best password managers also support authentication via Universal 2nd Factor (U2F) or OTP-based hardware security keys, adding an additional layer of security.

Are there any challenges?

Yes, the risk can never be eliminated and the same is the case with password managers. There are certain challenges such as,

  • All eggs in one basket: You’ve probably heard about not keeping all your eggs in one basket. Unfortunately, that’s exactly what you’ll be doing with a password manager. In case of a breach, you’ll need to take the hassle of changing passwords for all accounts which will take long enough for the attacker to do damage.
  • Choosing a bad password manager: Although password managers are highly secure, they are not fool proof. Password managers can be hacked if your device is infected with malware.
  • Forgetting your master password: In this scenario, most password managers will lock you out of your vault. You’ll have to reset every password yourself. So be sure to write down your master password and store it in a safe place.

Wrapping up

Password managers are safe as well as user-friendly as they take away the need (and the pain) of having to remember a set of complex alpha-numeric words. However, it’s not a bulletproof solution. So, it’s still important to conduct due diligence and make an informed decision.

Leave a comment

Your email address will not be published. Required fields are marked *

Subscribe to Our Blog

Stay updated with the latest trends in the field of IT

Before you go...

We have more for you! Get latest posts delivered straight to your inbox