Why do we need Password Managers?
So, you are not one of those paranoid characters one meets online on a daily basis. You have no reason to be paranoid – you’re not engaged in anything illegal.
So, what’s with all the “You simply MUST have a password manager” preaching?! It’s all a bit blown up, right?
Wrong! You DO need a solid, trustworthy pass manager even if you’re not doing anything suspicious.
The biggest reason is that socializing today means that you have a number of accounts across a number of social media websites. You CAN use the same password for each of these accounts, but you know better than that.
You know that if YOU don’t take care of your passwords, someone else will. And you are fully aware of the identity theft trend that’s very popular on the internet these last couple of years.
Remember the cases of Lara Love and David Jackson or Abraham Abdallah or Phillip Cummings? Google these cases; they’re quite educational.
No one is spared on the internet – from royalty and celebrities to common people. How many cases of photo leakage do you remember?!So, you have different passwords for each website, kudos for that. But who can remember all of them?!
Here enters password managers to the rescue!
But, not only are your personal photos compromised. You have probably heard about phishing attacks where hackers mimic your bank’s login page to the smallest detail requesting that you enter not just your login information, but the answers to secret questions, credit card numbers, etc.
Most of today’s password managers offer to automatically fill in your data when logging in. Since phishing links are very similar to real URLs (they usually differ by one letter – Skrill.com vs. Skrilll.com), it’s difficult for the user to spot the difference. But password managers will not offer to fill in your credentials if the URL is different that the real thing.
Now imagine a different situation: you have started your own business, and it is essential that your employees have access to some accounts of yours, maybe even bank accounts.
Will you entrust all your passwords to them?
Yeah, we didn’t think so. Luckily, decent password managers allowus to share our passwords with multiple users without revealing them!
Online and Offline Password Managers
There are 2 types of password managers:
1) Online Password Managers – there is no application that you need to download or install. You simply log into your pass managing account and there they are – all your passwords encrypted and safely stored!
The first fairly successful and free service was Agatra. Unfortunately, it has been unsupported for quite some time now. The online solution implies a whole different set of problems than offline managers, mostly related to security due to the whole process being exclusively conducted over the internet.
These days there are new attempts at online password managers with increased security, Host-Proof Hosting for example. Basically, no one, not even the host, has access to your passwords – they are encrypted in a way that’s uncrackable by anyone! (so they say)
Please note: If you are going to be using these password managers for ANY DARK WEB activity then you should NOT use online password managers. This means that the government (if given a back door by the company, or if they have a quantum computer) will be able to access them at any time.
If you have your Password manager on device only (and NOT on Google Drive or any online back up then they have to hack your computer first and then find the files making it WAY harder.
– We’ve already said that you don’t need to download or install anything. We consider this a benefit seeing that it simplifies things.
– You can access your information wherever you have internet.
– When there’s no internet, there’s no access to your data. (Luckily, there’s an offline option of Passpack!)
– You are obliged to simply trust the service you have opted for, such as Passpack. It maybe a bit tricky in this day and age.
– If the government or law enforcement are given “back door” access, then they can access your login info at any time.
2) Offline Password Managers – Desktop applications that you need to download and install.
– Your passwords are kept locally, on your computer.
– You can access your data even on different computers if you store them on a USB drive.
– Myriad of options, besides simply storing and keeping your passwords safe – digital wallet, biometric authentication, automating the process of password change across many websites, etc.
– Way harder for hackers or government to obtain your login details.
– As much as it is a benefit that your data is kept on your computer, it is also a downside as well.
– If you don’t regularly back up your manager file, then you run the risk of losing your login info if your computer crashes.
– Quite a common issue – you may lose your USB drive, or it may be stolen or damaged (if you store your password manager on your USB).
Most popular Password Managers
The most popular Password Managers are offline solutions, and there are a good number of paid and free applications. Let’s start with commercial password managers.
1. KeePass is a great OFFLINE solution that is 100% free. It has been around for a long time and works across all devices. You can have it on your laptop, iPhone, iPad, Android or Mac. You just click on the details and paste into the fields. No need for typing anything anymore.
2. LastPass – certainly one of the most popular applications ONLINE. Depending on your needs, you can use free or premium option. Free version of the program stores login information for an unlimited number of accounts; it can fill in forms automatically, generate super-strong passwords for all your accounts, and even change passwords automatically.
Premium version costs $12 a year and offers some more advanced features, such as being able to sync over multiple devices, fill in logins for desktop apps, sharing passwords with people without the need to reveal them, and many others.
3. RoboForm – it is free to download this OFFLINE solution, but if you want it to store more than 10 records, you will have to pay $9.95 for the first year and after that $19.95. Although it has a much longer history than other, newer password managers, it does the basic stuff reliably and seamlessly. It not only stores your passwords, but it also automatically fills in your credentials to known websites and is also compatible with Windows 10.
4. Dashlane is right behind LastPass when it comes to ONLINE solution popularity and rightly so, considering that it lacks just one feature LastPass has – storing desktop applications passwords. It works on all the major operating systems and with all the major browsers. Apart from storing your passwords, it is also your very own digital wallet – it keeps your credit cards data safe and ready for auto-filling when needed. Dashlane is a free password manager, but you can also get a premium version for $39.99 a year (try it for free 30 days!) With the premium version you get some advanced options.
5. Sticky Password – coming from an experienced team of developers (AVG developers), this OFFLINE password manager has security as its priority, and that’s been a huge plus among the users. Both free and premium versions allow storing of an unlimited number of logins, generate strong passwords and auto-fill option, but for cloud syncing and biometric authentication you need a premium account ($20 a year). It’s easy to use and reliable.
6. 1Password – is a well-loved ONLINE/OFFLINE password manager, although somewhat costly – while other password managers come free for individual use, 1Password will cost you $2.99 or $4.99 per month for a family of five members. It is easy to use and intuitive, and features all the basic functions you’ve come to expect from an all-round pass manager plus a few more. Should you delete any of the passwords or items from the vault, they will be kept secure for a year in case you would like to recover them. It also warns users of website vulnerabilities. Although it runs on most devices and supports most operating systems, some users have complained that it doesn’t support Linux.As announced, these 5 are all commercial password managers, and you can find the full list of their features here.
We have also mentioned that there are a number of free password managers. One that is regarded the best among users is KeePass. It’s not only free, but it’s open source as well which is sort of a guarantee of its security and that it’s up to date. It runs on most Windows-based systems, while Professional Edition runs on Linux-based systems as well.
As for its features, those are pretty impressive and depend on which version you opt for – Classic or Professional: from password generator to multiple language support; it allows password groups, and includes a number of dedicated plugins that extend its functionality. It’s also handy for business purposes allowing sharing of the passwords among authorized users.
Potential downside is that it looks a bit intimidating to an average user.
How to Install and Use KeePass?
Download the installation from here. The installation is pretty straightforward.
1. When you first run the program, it will remind you to enable or disable it to automatically check for updates. Note that this won’t download anything until you authorize it.
2. After this, you will be prompted to create the initial password database. Simply select File and then New, after which the program will ask you to create your master password. This is going to be the only password you will need to remember, but make sure you select a strong one – perhaps a pass phrase or just a random set consisting of letters (both upper and lowercase), numbers and special characters.
You can also use a Key file option. But know that should you lose it or delete it or it gets hacked – your whole password database will be compromised, so it may be a good idea to store it somewhere other than your computer.
3. To enter your passwords, right-click the right part of the window and select Add Entry.4. It will open a popup window, and you can simply fill in the fields with your information and click OK. If it’s easier for you, you can have the KeePass generate a password for you.
It is worth mentioning that you can also use plugins with your KeePass, although not every plugin works with every version of the program. To find plugins, look under Tools menu. It will open a popup menu where you will be able to setup and load plugins.
– We have mentioned it already, yet it is so important that it deserves repeating – make it an extra strong master password (upper/lower case letters, spaces, symbols, numbers…).
– Don’t leave your master password lying on a table on a piece of paper, or on your desktop in a file named “Master Pass.” Don’t even keep it on Google Drive or Dropbox for that matter!
– Change your passwords from time to time. KeePass will help you make this process easier.