Passwords are the first (and sometimes only) line of defense we have when securing our information on the Internet. A strong password is absolutely necessary and, for the most part, human beings suck at creating and maintaining strong passwords. However, password managers excel at this.
So, the short version of this article is, “Yes, you should use a password manager.”
You can stop reading now. Unless you want a few more questions answered. In that case, continue …
How Do Password Managers Work?
Password manager applications maintain your username and password for all of your online logins. The password manager also creates your password for you so that you have a suitably complex password using all of the required characters. But, instead of just writing them down as you might do in a notebook or that handy Rolodex next to your monitor, they use AES 256-bit encryption to secure that information.
The password managers then handle entering your username and password for you. All you have to remember is one master password. And I’ll discuss that little security flaw below.
What is AES-256? The link above will give you a long version of that answer. The short version is that AES-256 is the level of encryption that governments, financial institutions, and high-tech companies like Google, Microsoft, and Apple use. The only person using encryption stronger than AES-256 is Tony Stark (PS – he’s a fictional superhero).
Pros of Using a Password Manager?
They work with stronger passwords than you can possibly remember.
The best passwords look something like this:
6#C0i4SLjzyHnVEHApBF
But neither you nor I nor anyone short of Sheldon Cooper from the Big Bang Theory can remember that. So we’d have to write it down. And that’s a major security violation. However, a password manager can securely track that password for you.
Password managers create stronger passwords than people and use a different password for each login.
Humans tend not to come up with strong passwords because, of course, we have to remember them. And we, as humans, tend to reuse the same password over and over for the sake of convenience. Password managers overcome both of these weaknesses in our online security.
Password managers keep up with data breaches for you.
There always seems to be a new data breach of some kind. Unless you’re really into the tech world’s news, you’re probably not keeping up with all of the breaches. Fortunately, password manager companies do this for you and alert you when a site you use has been compromised.
Cons of Using a Password Manager?
All of your eggs are in one basket.
If someone gets access to your master password, they have access to ALL of your login information.
Hackers go after high-value targets.
Password manager apps are a Fort Knox of wealth. If a hacker can hack into one of the managers, they will have loads of credentials at their fingertips. And password managers do get hacked or security vulnerabilities are found in them:
- 2014 – Security vulnerabilities found in LastPass, RoboForm, and others
- 2015 – LastPass detected an intrusion. Only email addresses were stolen.
- 2016 – LastPass, Keeper, Dashlane, 1Password, and others were caught up in a security flaw.
- 2017 – LastPass had a browser vulnerability discovered while Keeper reportedly exposed passwords to unreliable websites. OneLogin was hacked.
- 2019 – Serious vulnerabilities were found in Dashlane, LastPass, 1Password, and KeePass when running on Windows 10 if a specific type of malware already infected the computer.
Which Password Manager Do You Recommend?
First, not a free one. I’m sure the free ones mean well. But they just don’t have a lot of incentive to keep your data safe. Do you want to do your job for free? Probably not. Companies that have a financial incentive (like keeping food on the table) have more of an incentive to keep the applications updated. It’s worth a little money to get a good password manager.
Keeper, 1Password, and Dashlane are all great choices. But I’m going to recommend …
LastPass
$3/month (at the time of this writing), a free version (somewhat limited) exists, and it works on all major platforms and all major browsers.
Final Thoughts
In today’s security-conscious and hacker-prone era, a password manager is your best bet for keeping your online login credentials secured. They’re not terribly expensive and the price is worth the peace of mind you get (at least in my book).
However, if you simply don’t want to use one of those and you do want to keep writing down your passwords, this article has some helpful tips: How to Create (and Recall) Better Passwords.
