How Do Password Managers Work? Are They Really Safe?
It's a fact that most people use weak and unsecured passwords and even worse, they reuse them on different websites. There are hacker tools out there that can sniff out accounts using the same password, so if you use one password on all of your accounts and it gets cracked it could compromise every account you have. This is why experts recommend that you use different passwords on all of your accounts. But how are you supposed to create so many strong, unique passwords on all the websites you use? Two words - password manager.
Password managers save all of your login information for all the websites you browse and help you log into them automatically. They encrypt your passwords with a virtually uncrackable algorithm and the only way to access anything in the password manager with the master password. That's the only password you need to remember.
Why you shouldn't reuse passwords
Password reuse is a big issue because of the many password leaks that happen all the time these days. If your password gets leaked as part of some big website breach it could be sold along with thousands of others on the dark web, where malicious third parties could get your email address, username, and password combination they can try on other websites. And if you use the same login information everywhere, a leak from just one website could give them access to all your accounts. If someone gains access to your email account in this way, they could take control of other accounts you own, like your bank account.
To shield yourself from this potential calamity, you need to use unique passwords on every account you have. These would ideally be long, unpredictable passwords that contain upper and lower case letters, numbers and symbols.
The problem is that we all have multiple accounts and remembering dozens of long and complex passwords without writing them down, which presents its own risks, can be quite challenging. The simple and elegant solution to this is the password manager.
How to use a Password Manager
Because the password manager will remember your passwords for you you can relax a bit more and put your brainpower to other uses.
When you first use a password manager to log into a website, you will visit that website normally. However, instead of entering your password into the password field your password manager automatically fills the appropriate login information into the website for you (as long as you're logged in). It won't just remember your password, but your username and all of your user credentials.
Also, if you're making a new account your password manager will offer to create a strong and unique random password for you, so you don't have to worry about that, either. The password manager can be set to automatically fill information like your address, name, and email address into web forms.
Why built-in browser password managers aren't enough
Chrome, Firefox, Internet Explorer, and other web browsers all have integrated password managers, but they're not the best option. These built-in password managers, while competent, simply cannot compete with dedicated password managers. For example, Chrome and Internet Explorer save your passwords on your device completely unencrypted. Anyone could access the password files on your device and view them. This is terrible from a security perspective. On the other hand, Mozilla Firefox has a "master password" feature that lets you encrypt your saved passwords with a single "master" password, storing them on your computer in an encrypted format. Sounds better, right? However, Firefox's password manager has its own flaws as well. It cannot generate random passwords for you and it lacks many other features of dedicated password managers like cross-platform syncing. Firefox and iOS just do not get along, for example.
Dedicated password managers can even help against phishing, unlike their browser counterparts. They can fill account information into websites based on their web address (URL), so if you get tricked by phishing to go into a clone website of your bank's website and your password manager doesn't automatically fill in your data you'll know something is up.
What Password Managers should I use?
There are a lot of good options on the market right now. You could try Cyclonis Password Manager. It has all of the features I've described before like a Password Generator, Password Analyzer, Auto-Fill, powerful AES-256 encryption algorithms, the option to store payment card and personal ID data, dedicated 24/7 support from Cyclonis staff and so much more. The best part is that you can use it for free!
Once you do settle on a password manager, the first thing you will need to do with a password manager is creating your master password. The master password grants access to your entire password manager database, so you need to make sure it's sturdy. Also, make sure it's something you can remember, because if you lose access to your master password that's it. There's no way to get it back or reset it. This is the only way to make sure nobody else can access your passwords. I'm normally against writing down passwords, but if you're not sure you can remember your master password you might have to. Just make sure you store it in a secure location only you have access to.
Once you have created your master password you're ready to start browsing.