A password manager is a software application or a hardware device used to store and manage a person’s passwords and strong passwords. Typically all stored passwords are encrypted, requiring the user to create a master password to access all the stored, managed passwords.
Why do businesses use password managers?
Businesses use password managers to store strong passwords so that employees don’t have to memorize them or write them down in places where they could be stolen. Password management software also eliminates the need to share plaintext passwords with coworkers by leaving a note on their desks or sending them an email with the password.
Common features of password managers
Password managers share a few features:
- A master password gives you access to your password manager vault. It’s the one password you must remember.
- Vaults store items (usernames, passwords, and files) securely. In enterprise settings, organizations will establish shared vaults to store passwords that multiple users need.
- Collaboration and sharing: Many password managers allow collaboration with other users through the application, to facilitate safely sharing passwords or vaults.
Top password management vendors
Dashlane is a password management tool that can perform both basic and advanced tasks depending on your needs. It creates, saves, and autofills strong, randomized passwords for all accounts, so you’ll never have to remember or worry about your passwords. Dashlane is designed so that they can’t see the information users store in it, meaning your data will never be sold. A VPN is included to scan your account for weak and compromised passwords. A free version of Dashlane is available, and plans that are priced annually are available for individuals, families, and businesses.
NordPass allows you to store all your passwords in a single place and log in to your most-used websites and apps with a single click. Even when you’re offline, your login credentials can still be accessed. Passwords can be shared with people you trust through an encrypted vault. NordPass syncs all passwords across all devices, and there is no limit on the amount of passwords you can store. It comes with a built-in password generator, and sensitive notes and credit card information can also be stored. The application has a free version in addition to premium and family premium versions.
How to use a password manager
Today, people have a large number of passwords for social media sites, work logins, shopping pages, online banking and much more. While it is important to use strong passwords and to use different passwords on each site, it can be a difficult task to remember all of them. With a password manager, you simply enter the site, provide the master password you set for the password manager in that software, then log in to the site and the username and password will be stored for you.
Using a password manager can also help you to create more secure passwords as it will create randomly generated passwords if you create new online accounts using the manager. Often, with a master password you can sync accounts across platforms as well.
Managing passwords in a eb Browser
Most web browsers —Chrome, Firefox, and Explorer—have an integrated password manager, but they do not encrypt the passwords, so anyone with access to your computer can view your online passwords quite easily. Some options exist, like on Firefox, to encrypt passwords and use a master password to retrieve. While this makes the password manager more secure, browser-saved passwords typically will not work across platforms and the password managers lack features, including the ability to generate random passwords for new accounts.
Are built-in password managers secure?
Built-in password managers, such as Keychain in macOS, have automatic strong-password-generation features and security features. According to Apple, keychain metadata is encrypted, and keychain items use 256-bit AES encryption. The downside to a built-in password manager is that you don’t have to log in every time you want to use it. There is no master password. If someone hacks your physical computer and wants to access an account, and you’re using 1Password, they’ll have to know the master password before they can access that account. If you’re using a built-in app like Keychain, your login information will automatically show in the fields.
Built-in password managers present a risk if you’re commonly working around other people and leave your computer open for spans of time or if you work in a location with people who aren’t part of your organization. They are less risky for personal computer users, especially if you’re only using your laptop at home. It’s also safer to use built-in password managers only for accounts that have less sensitive data (for example, using Keychain for a My Panera account but not for your bank account).
Hardware password managers
Many hardware-based password manager devices work in a similar fashion to software password managers. You first install an app on your PC and connect the password manager using a USB port on the computer. When login pages are detected users are prompted to save the logins to the password device. All usernames, password and other required login information is stored encrypted, often on a protected smart card.
The app for the device can be customized to manage logins, information and to import or export credentials from various locations, including cloud storage.
Risks of using a password manager
Although password managers largely reduce the inherent risks of passwords, there is a possibility that a cyber attacker could hack your account. To reduce the risk of someone accessing your password manager account:
- Create a strong master password and don’t tell anyone about it
- Do not write your password on paper and store it somewhere that other people can reach it, such as your work desk or near your computer
- Do not type your password into a note on your computer or phone
There is a more complicated method of ensuring that no hacker can discern your login information: before setting each password, decide on a four-key identifier (like a PIN code) that you will memorize and always remember. Then, after you record a password and save it to 1Password, add your four-digit code to the end of the password. The application will require it, but 1Password won’t have the final four digits included. If someone hacks your 1Password account, they won’t be able to use your passwords to log into your accounts.
This method isn’t necessary for most online accounts, but if you deal with very sensitive data and want to reduce risk for your most secure company accounts, it’s one of the best ways to do so. This also ensures that only you know that information if someone else is added to the vault accidentally.
Another way to mitigate risk is to just memorize a select few passwords for very important accounts, such as your bank account or your company’s Salesforce account. Any account with extremely sensitive data, whether that’s personal or company information, is worth memorizing, as long as you only have a few to keep track of and you know it perfectly. Then you don’t have to store them in your password manager.
This article was updated August 2021 by Jenna Phipps.