Password Managers

...

Password Managers:

Introduction:
Active internet users are generally present across multiple sites such as Facebook, Twitter, Instagram, Tumblr, bank, etc. Each of them require a password, thus an active internet user has potentially multiple passwords. For a human being, it’s very difficult to remember unique password for each individual website. Hence, most of us tend to have the same password across different platforms.

Now, complex passwords are difficult to remember, so many of us use relatively simpler passwords like "passwordTwitter1290," "abc123," pet's name, vehicle number and other combinations. These lesser complex passwords are very prone to breaches and make us more susceptible to crimes such as identity theft. 

This is where the “Password managers” come to our rescue!

With a password manager, it's trivial to make all your passwords unique and highly complex. It can generate, retrieve, and keep track of super-long, crazy-random passwords across countless accounts for you, while also protecting all your vital online info - not only passwords but also PINs, credit-card numbers and their three-digit CVV codes, answers to security questions, and more - with encryption so strong that it might take a hacker between decades and forever to crack.

And to get all that security, you’ll only need to remember a single password, the one you use to unlock your so-called vault. Your login data will be locked down and, at the same time, remain right at your fingertips.

Almost all them work on the same principle – “you create a master password for access to the identity vault, and then the password manager fills in the individual user IDs and passwords for the different sites and apps you use”. 

They keep all the passwords under one encrypted (and password-protected) roof. Also, generate strong and unique passwords for different sites and automatically inserts the passwords when we log into the different sites seamlessly.  

Utility:
A password manager serves multiple purposes, all of them helpful. 

  • Prevents credential stuffing: Hackers may take password from one breached site and try to log in to your accounts on other sites. Using a password managermakes it so easier to generate and store stronger passwords that are unique to each site, preventing credential stuffing attacks. 
  • Prevents shoulder surfing: At times when we are in a crowded or busy place – like metro or an airplane – typing in passwords can be seen, copied and later used by nearby eavesdroppers. Using a password manager in many cases removes the need to type in any password at all. 
  • Flagging: Most password mangers flag weak and duplicate passwords, and some offer help with the update process as well. The most advanced ones can automate the password change process. 
  • 2FA: Most password managers provide some form of 2FA be it biometric, SMS based, Google Authenticator based or something else like Yubikey. 
  • Insecure connections: Some password mangers warn about insecure login pages. 
  • Even some of them store the payment information to simplify online shopping.

Because you no longer have to recall the passwords yourself, you can give each site or app a highly different, complex and hard to remember password.

Best Features to Look for:

  • Excellent vault security 
  • Cost 
  • Ability to search the vault for weak passwords 
  • Multi platform and browser supported 
  • Syncs password across devices
  • Stores and organize other information like credit cards 
  • Browser extensions 
  • Provide alerts about breach site and insecure pages 
  • Others – Auto fill forms, VPN services provider 

Name: 1 PASSWORD
URL: https://1password.com/
Free Trial: 30 DAY FREE TRAIL
Pros:

  • Adds a secret key to the encryption key it uses 
  • Integrated with Troy Hunt’s pwned password database, so can tell whether a password has previously been leaked or exposed in a data breach
  • Syncs passwords and personal data across all the devices  
  • Plugins for web browsers, thus easy to generate and edit new passwords 
  • Multi-platform – iOS, MacOS, Android and Windows
  • Browser extensions for Firefox, Chrome and Edge

Cons:

  • Not compatible with Internet Explorer 
  • Limited import options

 

Name: Dashlane
URL: https://www.dashlane.com/
Free Trial: Limited Free Plan
Pros:

  • Uses secret keys to encrypt the passwords 
  • Provides site breach alerts: Scans dark web for compromised accounts 
  • Provides option not to store any password data with the Dashlane’s servers
  • Multi-platform syncing – Windows, MacOS, Android and iOS
  • Browser extensions for Firefox, Chrome and Edge
  • Includes VPN protection 
  • Captures online shopping receipts 

Cons:

  • Expensive 
  • Limited support for Internet Explorer 
  • No special handling for non-standard logins 
  • Can’t choose VPN server 

 

Name: Lastpass
URL: https://www.lastpass.com/
Free Trial: Best free option
Pros:

  • Offers password syncing between devices on its free plan 
  • Searches the password vault for weak passwords
  • Alerts about potentially compromised accounts 
  • Supports 2FA
  • Enables choose whether LastPass can auto-fill forms
  • Premium version provides: More two factor options like YubiKey, I GB encrypted file storage, emergency access and priority customer service. 
  • Multi-platform – Windows, MacOS, Android and iOS 
  • Browser extensions for Firefox, Chrome and Edge  

Cons:

  • Mixed security record
  • No longer offers shared folders 

 

Name: KeepassXC
URL: https://keepassxc.org/
Free Trial: Completely free 
Pros:

  • Open source 
  • Database is always encrypted with industry standard AES 256 bit key 
  • Enables secure the encrypted digital vault with a master password, a key file or both 
  • Multi-platform 
  • Extension for Firefox and Chrome

Cons:

  • No official apps for the phone 
  • No extension for Edge