Choosing a Password Manager
Lately, password leaks have been happening more and more frequently, and if you use the same password for all websites, this can become a problem because hackers can use it to access your accounts. The best way to protect yourself is to use unique passwords everywhere and, where possible, enable two-factor authentication. A password manager helps with this by creating and storing unique and complex passwords for each website.
A password manager generates long and unique passwords, stores them in a secure vault, and automatically fills in input fields when necessary. It protects all these passwords with one master password, making it easier to remember. It's important to choose a strong master password and, if possible, enable two-factor authentication for your password manager account. In most cases, a password manager also synchronizes your passwords across different devices—such as your phone and computer—so you can log in from any device.
While a password manager does its best for security, it's important to remember that it creates a single point of failure and can be a target for attacks. If the threat is serious, such as from state actors, it's important to choose the right password manager and configure it for maximum security.
If you don't want to use a password manager, you should still use unique passwords for each website. Writing them down and storing them in a secure place, like a safe, is better than trying to remember them.
Choosing the right password manager depends on your needs. Many offer free trial periods, so it's recommended to use them to evaluate which option suits you best.
Companies that create password managers make money in various ways. This could be through a subscription fee or by selling to corporate users with a free version for others. When choosing, it's important to look into available subscription plans and features of each. However, it's generally better to use open-source programs.
It's important for a password manager to support two-factor authentication to further protect your accounts. Some also have other innovative security methods that are worth considering.
Browser Extensions and Cross-Platform Support Most password managers provide access to your data on all devices: desktop applications for Windows, Mac, or Linux, as well as mobile applications for Android or iPhone. Passwords created on one device automatically become available on others. Most managers also support browser extensions that automatically fill in login fields when you visit a page, eliminating the need for copying and pasting. While browser autofill can pose risks in case of attacks by hackers, for most people, it's not only convenient but also important protection against phishing.
End-to-End Encrypted Backups Since most password managers store your data online and synchronize it between devices, it's important for this data to be protected with end-to-end encryption. Nobody, not even the developer company, should have access to your passwords. Before choosing a password manager, ensure that it uses effective encryption—this information should be available in its description and documentation.
Independent Security Audits and Vulnerability Reward Programs Some popular password managers undergo independent audits of their software. While such audits don't provide a guarantee of security, they indicate developers' serious approach to protecting users' data. Another good sign is the presence of vulnerability reward programs. Some well-known password managers that have passed security audits include: 1Password Bitwarden Dashlane NordPass Remember that this information is not exhaustive and does not guarantee the security of using a specific password manager. It's also important to stay informed about vulnerabilities and security breaches.
Active Software Updates Periodically check the update history of the mobile app to ensure it's regularly updated and supports the latest operating systems. This shows that developers not only implement new features but also monitor the security and stability of the app.
Portability A good password manager should allow you to easily transfer your logins and passwords if you decide to change the program. Usually, this is a simple process where you export a file with your passwords in CSV format and then import it into the new program. Check the documentation of your password manager for more detailed instructions.
Built-In Browser Password Managers Google, Apple, and Mozilla offer their own password managers. While you can access your passwords from these managers on different devices and operating systems, they work best when integrated with browsers or operating systems from the respective companies. Mozilla's password manager only has a version for Firefox and isn't as easily integrated with other browsers. Other browsers may also offer similar tools, but it's important to ensure how they encrypt data before using them.
Browser password managers can be convenient, but they're usually not as functional as standalone programs. Features like encrypted notes, answers to security questions, and options for family password use may be unavailable.
It's important to use a password manager that's convenient for you. Browser password managers may be easier to use, especially if you've never used such programs before. They also provide protection against phishing without the need for additional extensions. However, remember that the level of security may vary: Apple's iCloud Keychain encrypts passwords immediately, while Google requires manual encryption. Mozilla provides encryption information in Firefox. We recommend checking out our "Recommended Applications" section on the website's homepage.
