21.03.2021

Password Managers – Do yourself a favour and get one now!

Weak and common passwords have been a thorn in your IT departments back for decades. Strong and hard to remember passwords have been a thorn in the average users back for the same amount of time. We all understand the importance of smart passwords and how they protect us, yet finding a balance that works for both sides continues to be elusive. IT departments enforce draconian password policies, everyday users push back, management cries foul and password policies get reversed to appease the masses, while attackers rejoice. So what’s the solution?

Password managers have been around for many years. Yet, not everyone uses them. Many don’t understand their purpose, some don’t know they exist, the rest just don’t care. How do we fix this?

We should begin by identifying popular Password Managers. This list is by no means exhaustive. There are others, however in my experience, these 3 come up most often.

  • Keepass
  • Lastpass
  • 1Password

What is the purpose of Password Managers?

In simple terms, password managers are supposed to eliminate the struggle of juggling strong/unique passwords for everything that may require passwords. This ranges from your computer login, online services like Netflix, Facebook, your online banking, email, and pretty much your entire online life.

How Password Managers make our Online Life Easier?

Password managers like 1Password, LastPass and others have extensions that plugin to our favourite browser as we navigate online. As you login to Facebook, Twitter or other sites, the extension saves your login username and password. It stores that information in it’s database for later use. Next time you visit that site, the browser extension performs a database lookup and auto-fills the information for you.

Advanced Features

Modern Password Managers have cool features like password generators. No longer do you have to struggle trying to come up with strong and unique passwords. The Password Manager will automatically create a randomly generated password for every new site profile you create. Other cool features include password verification against known password breaches. Periodically 1Password will check your chosen passwords against this vast online repository of known breached passwords. If one of your passwords happens to be in an on-line dictionary 1Password will alert you and suggest password change. Lastly, Password Managers have the flexibility of storing not just passwords, but for example your could store credit cards, software license keys, notes and many other items deemed private and sensitive.

Using Password Managers

Myself I’ve been using password managers for at least 10 years. I have well over 500 entries in my password manager for choice. Yet, I do not know a single password stored within it. You see, I let the password manager generate a unique 12-15 character password for every service, website, server login, vpn login, email login. I mean absolutely everything. My password manager is cross platform, meaning I can use it on Windows, Android, iOS and Mac. They are even working on a Linux version. In my case, creating new website profiles is super easy, retrieving login information for existing websites is also a breeze. My Password Manager is part of my login process. It’s a few extra steps but in the end I feel like I have a handle on passwords. None are weak, common or easily guessed. I don’t have to remember, write down or fumble with these passwords. Even on my Android device the process of retrieving passwords for websites or Apps is super easy and requires a few extra clicks, but again Its all about better password management.

My Recommendation

I highly recommend Password Managers to everyone. Forget fumbling with passwords, or trying to come up with some scheme to generate or remember passwords. That’s way to much effort. Let the Password Manager do the hard work.

Why you need Managed Security Services?

Most networks are compromised as a result of the most common, textbook vulnerabilities. These are not sophisticated hacks requiring deep infiltration or complex exploit code. Most are exploited through “low hanging fruit” like:

Passwords
Legacy protocols
Lack of security policies

Contact us or call toll-free: 1-833-630-2888