What is the rule of thumb when it comes to password creation? The longer and more complex the password, the more secure it is. What’s more, you must not use the same password for different accounts or websites. So how then are you expected to remember these long, complicated multiple passwords? Easy, with a password manager. They help you keep your accounts safe by generating long and unique passwords for each one and allowing you to store them safely in your devices. However, you have to ensure that the password manager itself is secure before you try this. After all, it holds the keys to most of your life. So what are the considerations you need to make when choosing one?
Ability to generate long and unique passwords
It is the bare minimum that a password manager should offer. It allows you to use random characters to customize the length of the password. The standard for most websites is eight characters, but you can make it longer.
The credibility of the vendor
You must do a background check of the vendor before settling on it. Find out where they store their data and if they use their servers or third-party ones. If they have rented their data centers, are they the only ones who have access to it, or can other people access it too? It may make your information more vulnerable if other people have access to their data centers than if they were the only ones with access. Also, the location of the data centers is essential. Some countries have more intrusive laws compared to others.
Check if they make remote vault back-ups and if they are encrypted.
What you are looking for when you try this password manager solution is the assurance that no one but you has access to the vault master password. If it is end-to-end encrypted, it means that not even the provider cannot read any of your passwords if they wanted to. Conduct a simple check by opening the network tab of your browser and open any website to sign in. Save the password in the password manager. If the password appears in text form, then it means that it is easy to hack. Encryption is essential.
A good password manager needs to release regular software updates to improve its features, ease of use, and enhance security. Technology advances at a fast rate, and security researchers need to patch all the security loopholes found with time.
Ensuring it has undergone an independent security audit
When doing your background check on the password manager, you need to check if security researchers have examined the software’s codes and what their report says in regards to its safety. When you try this, the information is publicly available to enhance the confidence of its users, especially if the audit is recent, say in the last year or two. The password manager should also support web browser extensions to ensure that the passwords are filled in the correct webpages.
To sum it up, there are many password managers out there but ensure you find one that satisfies the above criteria.
Cyber Security Researcher. Information security specialist, currently working as risk infrastructure specialist & investigator. He is a cyber-security researcher with over 25 years of experience. He has served with the Intelligence Agency as a Senior Intelligence Officer. He has also worked with Google and Citrix in development of cyber security solutions. He has aided the government and many federal agencies in thwarting many cyber crimes. He has been writing for us in his free time since last 5 years.