Expert Tips for Choosing a Password Manager

essidsolutions

For each website you use, app you install or service you consume, there is the need to create and remember yet another password. This can be manageable for a few sites, perhaps even a dozen or so. However, according to research from Dashlane, the average number of accounts registered to just ONE email address is 130, and that number is doubling every five years.

Even if you have a photographic memory, keeping up with over a hundred username and passphrase combinations is nearly impossible. If you can manage it, by all means be superhuman. The rest of us need help keeping up with them all. Here are some basic tips to help keep your data secure.

Never Leave Your Passwords in Plain Sight

If you must write down your credentials, remember to store them in a well-secured location that is accessible only by you and away from your computer system.

The problem with using pen and paper to keep up with your security credentials is that unless you have only one computer, no mobile phone and don’t leave the home much, it’s a pretty inconvenient solution. The reality is that most folks today have a laptop and/or a tablet, and at least one mobile phone. Accessing stored credentials at home or away and syncing them across multiple devices securely are necessary for most of us. This is where password managers come into play.

A password manager makes you less vulnerable online by generating strong random passwords using a high level of entropy, syncing them securely across your browsers and devices, and filling them in automatically for you when needed. Keep in mind that some websites may not work well with the auto-fill, but you can easily copy the password out of your vault, switch to your browser and paste the password into the required field.
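To make "a high level of entropy" concrete, the following added example (not code from any vendor named on this page) generates a password from the operating system's cryptographic random source and computes its entropy in bits. The character set, the function names and the 20-character default are assumptions chosen for illustration.

```python
import math
import secrets
import string

# Assumed character set for this example (74 symbols); real managers let you choose.
ALPHABET = string.ascii_letters + string.digits + "!@#$%^&*-_=+"
REQUIRED_CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits)


def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of `length` characters drawn uniformly and independently."""
    return length * math.log2(alphabet_size)


def length_for_bits(target_bits: float, alphabet_size: int) -> int:
    """Shortest length whose entropy reaches `target_bits`."""
    return math.ceil(target_bits / math.log2(alphabet_size))


def generate_password(length: int = 20, alphabet: str = ALPHABET) -> str:
    """Build a password with the CSPRNG-backed `secrets` module.

    `random.choice` must not be used here: its Mersenne Twister state can be
    recovered from observed output, which makes later passwords predictable.
    """
    if length < 4:
        raise ValueError("length must be at least 4")
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        # Rejection sampling: redraw the whole password instead of patching in
        # a missing class, so every accepted password stays equally likely.
        # The class requirement makes entropy_bits() a slight upper bound.
        if all(any(ch in cls for ch in candidate) for cls in REQUIRED_CLASSES):
            return candidate


if __name__ == "__main__":
    pw = generate_password()
    print(pw, f"~{entropy_bits(len(pw), len(ALPHABET)):.1f} bits")
    print("length needed for 128 bits:", length_for_bits(128, len(ALPHABET)))
```

Entropy here measures the generation process, not the resulting string: a 20-character password typed by a person does not carry the same number of bits as one drawn uniformly at random.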

Do not confuse password managers with the storage of your credentials within your web browser. Passwords saved in the browser are less secure than those kept in a password manager and, for that reason, are not recommended. Password managers, on the other hand, are feature-rich, secure and highly recommended by security professionals worldwide.

Remember Your Master Password, or At Least Store It

A concept central to many password managers is the “master password.” Once you set a master password, the manager prompts you for it whenever you retrieve another password stored in its vault.

This is where password managers have a single point of failure. Should you forget your master password, only one vendor, LastPass, will provide you a password hint. If you cannot recall your master password, you’ll be permanently locked out of your vault and forced to reset all your passwords again for every website, app and service. For this reason, it is recommended that you store your master password on a USB key (thumb drive) and keep it in a safe location. To do this, just use Notepad to type your master password into a text file that is saved onto the USB key.

The vault that contains all your military-grade encrypted passwords may be stored locally on your system or in the cloud as a hosted service from the vendor.

Services that store your password vault in the cloud allow you to easily synchronize your data across multiple devices and provide the additional security of having a cloud-based backup of your vault should you have a total system crash.

Know the Vendors

Whether to use the vendor’s cloud services is a personal decision based on your comfort level with having your personal data stored on their servers. By default, most vendors use the cloud-based approach but offer you the option to disable synchronization with their cloud storage. However, there may be a licensing fee to control where your vault is stored.

Another major concern when selecting a password manager is which operating systems and mobile device platforms are supported. If you plan to synchronize your vault across all your devices, first make sure that the password manager supports each of them.

The following table breaks down each of the top vendors in the password management space, along with links to their websites for you to learn more about each solution.

| Vendor | Top Features | Platforms | Pricing | Official Website |
| --- | --- | --- | --- | --- |
| 1Password | Unlimited passwords, credit cards, secure notes, plus 1GB secure document storage | Mac, iOS, Windows, and Android | $4.99/mo for a family of 5 when billed annually | https://1password.com/ |
| Bitwarden | 100% transparent open source software hosted on GitHub and everyone is free to review, audit, and contribute to the codebase | Windows, macOS, Linux, iOS, Android, all major browsers | Free for personal use (open source) | https://bitwarden.com/ |
| Dashlane | Free version for up to 50 passwords on 1 device, Premium features unlimited password storage, synchronization, auto-fill, dark web monitoring and VPN | macOS, iOS, Windows, Linux, Chromebook, and Android | Free, Premium $4.99/mo, billed annually | https://www.dashlane.com/ |
| KeePass(X) | Auto-fill Passwords, Portable (no installation required), Password Groups, Multi-User Keys, Extensible via Plug-ins and Extensions | Windows, Linux, Mac OS X, BSD | Free (open source) | https://keepass.info/ |
| Keeper | Two-Step Verification with Smart Watch, Fingerprint or YubiKey MFA, Hotkey KeeperFill™ Auto-Fill, Major Browser Support, Emergency Access for up to 5 Contacts | Windows, Mac, Linux, all major browsers | $5/mo for a family of 5, billed annually | https://keepersecurity.com/ |
| LastPass | Password Import, Built-in Password Generator, Secure Notes and Password Sharing, Online Shopping Profiles, Family Manager Dashboard | Windows, Mac, Linux, all major browsers | $4/mo for a family of 6, billed annually | https://www.lastpass.com/ |

Try out one of the password managers above on your mobile device to get a feel for how they work. If you don’t like one, move on to another. Once you’ve found one that you’re satisfied with, then you can install it on your other systems and explore the password synchronization.

With password managers being marketed towards the masses of home and small business users, most vendors have designed their installation packages to be simple and straightforward. The average reader should have no trouble installing and configuring any of those listed above, but my personal observation is that the open-source project KeePass is probably the most complicated of the group for home users and LastPass perhaps the easiest and most feature-rich for the price.