Password managers explained: The best apps available, and why you need one
Facebook. Twitter. Gmail. Yahoo. YouTube. Reddit. Instagram. Vine. Tumblr. Banking. Each of these services requires a password, and most people will agree that it's annoying to create accounts, as well as to come up with and remember new passwords for them.
But there's a handy little tool that can make your online life just a little bit easier. It's called a password manager. A password manager will ease your brain, save you from headaches and free up time for more productive things rather than remembering a million passwords for a million accounts.
You also won't have to think about email addresses, usernames, credit card information, etc, because your password manager will do all the thinking for you, safely and securely. And if you create a new account it will do that dirty work too. Password managers can generate passwords and auto-fill forms online.
The majority of people make weak passwords and then reuse them for many websites, apps and services - but you don't have to be a part of this bad habit. Be different. Be safe. Your solution is a password manager, and there are plenty of different ones to choose from.
There are ones with extra features, ones that will save in an encrypted format to the cloud, and there are ones that work on and sync to multiple platforms. Read on to find out what password managers can really do and which might be best for you.
What is a password manager?
A password manager is just software that saves and organises all your passwords and PIN codes for computers, networks, websites and applications. Many password managers will also generate passwords and double as a form filler, meaning they can automatically enter your user and password data into forms on websites.
How does a password manager work?
A password manager has one primary function: it saves and remembers all your passwords so you don't have to. It will also store your passwords and personal information in an encrypted file, which protects the confidential data from attackers with physical access to your desktop or mobile device.
The encrypted file is accessible only through the use of a master password. That means all you have to do is remember one password for the password manager, and then it will remember all your other passwords, bank and credit card information and other forms of data in the encrypted file.
Not only does a password manager keep your personal data and various accounts secure, but it also organises and manages everything for you. Secondly, many password managers will generate and store unique, complicated passwords that are difficult for hackers to crack. By generating passwords, saving them in encrypted files and organising your accounts for you, password managers save time and headaches and protect you from things like identity theft.
What are the different types of password managers?
1. A password manager is often just a standalone app for desktops and mobile devices. It is one of the earliest types, and it still thrives today. Example apps include KeePass and 1Password. Many of these standalone apps, which we will get into more later, boast features like strong encryption, form-filling for Web pages, password generation tools and the ability to export passwords to a readable file.
2. A security feature in other software is sometimes a password manager. Examples include operating systems, Web browsers and antivirus software. Firefox, Chrome and Internet Explorer have built-in password managers and can store data in an unencrypted form, for instance. Some people are confident in their security and don't feel a need for any additional layer of protection, while others feel a browser is anything but secure and might even leave you more vulnerable.
(Note: Mozilla Firefox has a master password add-on feature that will store passwords in an encrypted format, but it doesn't generate random passwords and lacks cross-platform syncing).
3. A password manager can also be embedded security hardware, in which the software requires hardware embedded on a device in order to save and encrypt data. Lenovo's T-series ThinkPad laptops feature a chipset on the motherboard called the Embedded Security Subsystem, and it works with Lenovo's password management software to save passwords and other data. It's also encrypted so that people need a passkey and/or fingerprint (read by a fingerprint scanner) to retrieve the data stored in the chipset. This type of security echoes Apple's TouchID technology introduced on the iPhone 5S.
4. There are even web-based password managers, which you can use from any internet-connected device. Examples include RoboForm and PasswordSafe. You can access their security features from Web browsers. Just use a single password to sign into the web-based password manager, and then you can retrieve all your stored passwords. This is handy if you have multiple devices with different operating systems and you need to access all your passwords from each device.
What are some popular password manager apps?
A dedicated and standalone password manager can store passwords in an encrypted form and generate secure and random passwords, and it will offer all of these features under a powerful interface with the ability to access passwords across different computers, smartphones and tablets. For these reasons alone, password manager apps are very popular. Two of the more critically acclaimed apps in recent years include 1Password and LastPass. Here's what they have to offer.
1. 1Password: This app is often highlighted on the front of the Mac App Store and App Store. It costs $50 (£30) for one licence, $70 for both a Mac and a Windows version or $70 for a family licence for up to five people. It's also available for iPhone, iPad and Android for $17.99, $17.99 and free, respectively.
Features include encrypted formats, password generation, form auto-fill for browsers, wallet-like ability to save credit card info and other personal data, syncing to Dropbox and iCloud over Wi-Fi, master password functionality, multiple and shared vaults, secure audits and so much more. 1Password does not store any of your information in the cloud.
2. LastPass: This is a free app. There is a paid version too, which opens up more features for just $12 a year. LastPass is compatible with Windows, Mac and Linux. Paying customers can also have access to iOS, Android and Windows Phone counterparts. It’s a cloud-based password manager that also offers two-factor authentication options.
Just set up a master password and LastPass will import all of your saved usernames and passwords from Firefox, Chrome, Internet Explorer, Opera and Safari. Other complementary features include form auto-fill for browsers, multiple identities, secure password generation and credit monitoring for suspicious activity.
LastPass also stores data on its cloud servers in an encrypted form, enabling you to use LastPass just about anywhere. LastPass Premium users even have the ability to boost their security with a fingerprint reader.
What are some other noteworthy password managers?
There are literally hundreds of password managers to choose from (and many types, as noted earlier). You just need to decide what level of security you need, as well as which features are most important to you. A few other password managers are KeePass, RoboForm, Password Genie, PasswordSafe, Dashlane, SplashID Safe, mSecure, DirectPass, Norton Indentity Safe and Aurora.
Is a password manager 100 per cent safe?
No. Nothing is 100 per cent safe. All computers, networks and system are vulnerable to attacks. LastPass - for instance - discovered an anomaly in its incoming network traffic and then another, similar anomaly in its outgoing traffic in May 2011.
To address the situation and err on the side of caution, LastPass decommissioned the "breached" servers and began rebuilding them, and it even requested that all users change their master password. There have been no verified reports of customer data loss or password leaks since these precautions were taken.
But the chances of someone hacking you and stealing your identity are still far less than they would be without the use of a password manager.