You Need a Password Manager. Seriously.

7 48
Avatar for Randomblock1
4 years ago

You’ve probably heard of password managers before. But what do they really do? And how useful are they, really?

Password managers... manage your passwords. They basically store your login information securely and make it so you only need to memorize one password: the password to access your password manager. They also generate extremely secure passwords that you wouldn’t be able to memorize, so that machines won’t be able to guess them.

Password managers are also easy built into many modern browsers and OSes, but they often times don’t sync across platforms. For example, iOS has a password manager built in. But you can’t access it on Windows, Android, or the web.

I’m going to use 1Password as an example of a password manager, since that’s the one I use. They aren’t paying me or anything for this, it’s just the one I have.

Imagine this: you use your (ahem) “secure” password “briefcase28($@!)82” all across the web. Everything is fine, until one of the websites you use gets hacked and your password gets exposed. Now, if you reused that password (as many people understandably do), you can be hacked at any time, at any website you signed up for. Oh no!

Now: imagine the same scenario with a password manager. Oh no! One of the websites you use got hacked! It’s a good thing you never reuse passwords and they are always super long and random! You reset the password on the hacked account and don’t have to worry about other accounts also getting hacked.

Plus, if the hacked websites only exposed password hashes, it would be much, much easier to crack your password than a 72 character long completely randomized password, since cracking hashes is basically guessing them until something matches.

Are you starting to see how useful password managers can be?

Now, what if instead of a website getting hacked, someone just tries to brute force (guess) your password. Your password might be easy to crack if it’s not long enough, but absolutely nobody can guess a really long one generated by a password manager.

In addition to normal password protection, it can also store 2 factor authentication codes, just in case someone did guess your password. When 2FA is on, the password is useless when you don’t have the authentication code.

Password managers don’t just store passwords. The password manager I use can store text, files like PDFs, Wi-Fi passwords, software licenses, bank credentials, credit cards, and basically anything else.

But wait... what if my password manager gets hacked?

Let’s suppose someone knows your password and your email for your password manager. Can they get in? No. With 1Password, the one I use, you need your email, password, and a long random password called the “secret key” that’s virtually unguessable. (Note: this is for 1Password’s paid service. A local database only needs a password, so you better make it a good one.) You can even turn on 2FA for your password manager, if you’re really paranoid.

Note: this might not be the same for other password managers. For instance, Lastpass only needs an email and password to login, and it can’t store 2FA info. I believe it does send a confirmation email though.

Hope you enjoyed this article! Leave a like, and sponsor me if you like my content. :)

Quality faucets:

Free Bitcoin (BTC)

Moon BCH (BCH)

Pipeflare (ZEC, DASH, & PIVX)

Zenhub (ZEN)

Globalhive (ZEC)

=-=-=-=-=-=-=-=-=-=-=-=-=-=

Into cloud mining? Get 100 GH/S free from DualMine, a cheap and reputable mining provider that just reached 2 years old!

HoneyGain lets you earn money for sharing your Internet in the background. Basically free money.

Want to mine with your computer, but don't know what is most profitable to mine? NiceHash does it for you.

28
$ 0.00
Sponsors of Randomblock1
empty
empty
empty
Avatar for Randomblock1
4 years ago

Comments

Dynamical passwords are not stored in encrypted files, so they can not be hacked. With dynamical passwords it is super easy to manage changes of multiple passwords for multiple sites.

$ 0.00
2 years ago

Yes you are right we need to more secure our account mostly our Facebook, Twitter and Bank account. Nowadays hacker ar very dangerous. For more Secure use two factor verification and use strong password. Note not use your Daily necessary word. Have a good day. Bye.

$ 0.00
4 years ago

I never liked password manager. I don't not feel safe knowing that ALL my passwords and ALL the place that needs them are stored in a single place. Instead I use 3-4 passwords. Some easier for less critical sites and some more complicated for critical sites.

$ 0.00
4 years ago

I made the exact same mistake. One after another account got hacked, overnight. Trust me, it’s a lot harder to hack a password manager than you think, especially if you have a good password and 2 factor authentication enabled. If you have a secure password, using a manager feels and is a lot safer than reusing passwords. It’s all fun and games until the most secure password gets hacked. Then, say bye to all your important accounts. Even if it’s secure, a website hack could expose it; if every website has its own unique password, one getting hacked is no big deal.

$ 0.00
4 years ago

It is true in that sense. But still I dont know... Im quite divided as 1 breach it would be everything. It is true that last time I used one there was no 2FA and additional security. I use to have KeePass back then and configured to require a USB key I would carry with me.

$ 0.00
4 years ago

Even if hackers got into 1Password, for instance, they wouldn’t know the password since it’s not stored on their servers. If you’re worried about a weak password, generate a really secure long one and write it down on a piece of paper, and store it securely. Even brute-forcing it would be difficult, since it uses PBKDF2, which is meant to make bruteforcing really really hard. KeePass is good too; any password manager will do. I just used 1Password as an example since that’s just the one I have and know the most about. The important thing is securing your passwords and not reusing them, not which manager you choose.

$ 0.00
4 years ago

Yes very true. But i'm not concerned about server being hacked. Badly secured password manager can be defeated by a simple virus with a keylogger. It logs when you unlock your password manager. In the age of Wifi, packet sniffing/injection could also be used if stored on server and not well encrypted when transmitted.

And another thing, Even tho I know its better, I think is 2FA is really freaking annoying... Lol

But yeah I was a system admin so I know exactly what you are talking about. It was also a while ago, security wasn't the same. And don't get me wrong, I agree with everything you say.

$ 0.00
4 years ago