You’ve probably heard of password managers before. But what do they really do? And how useful are they, really?
Password managers... manage your passwords. They basically store your login information securely and make it so you only need to memorize one password: the password to access your password manager. They also generate extremely secure passwords that you wouldn’t be able to memorize, so that machines won’t be able to guess them.
Password managers are also easy built into many modern browsers and OSes, but they often times don’t sync across platforms. For example, iOS has a password manager built in. But you can’t access it on Windows, Android, or the web.
I’m going to use 1Password as an example of a password manager, since that’s the one I use. They aren’t paying me or anything for this, it’s just the one I have.
Imagine this: you use your (ahem) “secure” password “briefcase28($@!)82” all across the web. Everything is fine, until one of the websites you use gets hacked and your password gets exposed. Now, if you reused that password (as many people understandably do), you can be hacked at any time, at any website you signed up for. Oh no!
Now: imagine the same scenario with a password manager. Oh no! One of the websites you use got hacked! It’s a good thing you never reuse passwords and they are always super long and random! You reset the password on the hacked account and don’t have to worry about other accounts also getting hacked.
Plus, if the hacked websites only exposed password hashes, it would be much, much easier to crack your password than a 72 character long completely randomized password, since cracking hashes is basically guessing them until something matches.
Are you starting to see how useful password managers can be?
Now, what if instead of a website getting hacked, someone just tries to brute force (guess) your password. Your password might be easy to crack if it’s not long enough, but absolutely nobody can guess a really long one generated by a password manager.
In addition to normal password protection, it can also store 2 factor authentication codes, just in case someone did guess your password. When 2FA is on, the password is useless when you don’t have the authentication code.
Password managers don’t just store passwords. The password manager I use can store text, files like PDFs, Wi-Fi passwords, software licenses, bank credentials, credit cards, and basically anything else.
But wait... what if my password manager gets hacked?
Let’s suppose someone knows your password and your email for your password manager. Can they get in? No. With 1Password, the one I use, you need your email, password, and a long random password called the “secret key” that’s virtually unguessable. (Note: this is for 1Password’s paid service. A local database only needs a password, so you better make it a good one.) You can even turn on 2FA for your password manager, if you’re really paranoid.
Note: this might not be the same for other password managers. For instance, Lastpass only needs an email and password to login, and it can’t store 2FA info. I believe it does send a confirmation email though.
Hope you enjoyed this article! Leave a like, and sponsor me if you like my content. :)
Quality faucets:
=-=-=-=-=-=-=-=-=-=-=-=-=-=
HoneyGain lets you earn money for sharing your Internet in the background. Basically free money.
Dynamical passwords are not stored in encrypted files, so they can not be hacked. With dynamical passwords it is super easy to manage changes of multiple passwords for multiple sites.