Should I use a Password Manager?

This is a question that we constantly get from many of our clients, family and friends — and they are quite shocked when they hear what we have to say about password managers.  The short answer is = YES, you should. If you would like to know more, please read on!

Most people we speak to are quite sceptical when it comes to having a password manager. They ask how it can be safe to have all of your passwords saved, often thinking “isn’t this going directly against not writing down your passwords as we are taught in basic security?” The biggest difference between storing your passwords in plain text in a “secure location” and in a password manager is encryption. Now please take into consideration all password managers aren’t made equal, so make sure you do your research or seek the help of an IT/Security Specialist before storing your passwords in a password manager.

So how does it work? And how does it keep your accounts and passwords secure?

Password Managers generally work using Military Grade Encryption. Well, the one we would recommend does, which is LastPass. The service and other password manager services work using a “Master Password” which is used to access all of the saved passwords within your “vault”.

What that ultimately means is that if, for example, you were using the alphabet as your password, it wouldn’t be stored as the value “abcde” etc. Rather, it would be stored in an encrypted format which is highly protected such as “3eJZBd5zogS1RtS4wNRtMbJfko2IF++troD/8k/FuyE=”. Now even though this string of random letters and numbers doesn’t make much sense to a human brain, luckily, we have our password manager to decode it. So, when you put in your “master password” the random string above is converted back into the original “abcde” etc. value you created for your password.

The data you keep in the LastPass vault is kept secure and isn’t able to be seen by LastPass. What this means is that your passwords are all safe and secure on your device (laptop, computer or mobile device) and only you can use them since only you have your master password (of course, this isn’t foolproof; if someone is able to access your account, then they can access your passwords).

That being said, how do you stop that from happening?  We can enable two-factor authentication. Now what is two-factor authentication, you might ask? What this means is that you’ll have to take two actions to login. So, what does this look like? When you’re logging in with your master password, you will be sent a text or a code to either an e-mail, phone or an application on your phone.

You might even be using two-factor authentication currently and not even know it! Have you ever received a text message when logging into a bank account to confirm that it’s you trying to login? Or maybe when logging into your Gmail or Hotmail account, you receive a text on your device upon logging in? Well if you have, then you’re already setup and using two-factor authentication! Two big Security thumbs-up for you! J

OK so now we’ve described how it works, but how does it keep your passwords secure if they are all written down? And what’s this “Master Password”?

Master Password = 1 password you enter in to access your vault (where your passwords are stored). This should be a very complex password, but also one that you will be able to remember. Make sure to set-up the recovery options just in case you forget!

The benefit of having all of your passwords in a “vault” is that they can all be completely random, and you don’t need to remember any of them at all. All you’ll ever need to remember is your “master password”. Pretty great, huh? That means for your Hotmail, Gmail, Facebook and Instagram you can have random long passwords that will look something like this: “D%g4YQ$q%lhYn9e4OwfCWLWH67DRBY@y$lwGXj$6w4NJ9”.  That’s where a password manager comes into full effect — you can have strong passwords just like the one pictured above for each of your accounts, which is much more secure than using the same password for all of your accounts, OR passwords that are easy to guess “Bunny234” etc.

If you aren’t using the best passwords right now, there is no reason to run for the hills and be scared. Take actions to put yourself into a more secure situation. More information will be posted shortly, called the “Top 5 Security Changes You Can Make Today!” to help secure yourself and your data online.

If you would like further information on password managers, please leave a comment below and we can contact you directly to assist with providing further information. If you would like to take the plunge and start protecting your passwords and would like to sign up for LastPass please use the following: link 

************************************************************************

Please note that the content provided above is general advice and information regarding password managers and comprises the thoughts and opinions of Sharper I.T. only. We do not make any warranties about the completeness, reliability or accuracy of this information. We will not accept any responsibility or liability for any loss resulting from any changes that are made to your accounts/devices arising from the use of this information. We would strongly advise that you consult an I.T. Specialist before making any changes to your accounts.