Password Managers Are Vulnerable
In this networked world of the Internet, passwords are indispensable. Passwords are needed to log in to any online account, such as your webmail, banks, credit cards, centralized cryptocurrency exchanges, and even content publishing platforms.
Many people use the same password for all of their online accounts. This is sometimes called "reusing the same password" across many online accounts.
People who use a single password for many online accounts do so because it is difficult to remember a different password for each account. If they lose that password to hackers, they lose access to all their accounts in one go!
So, software professionals developed password managers, which are software applications that can generate long strings of random text to use as passwords.
The password manager application encrypts these generated passwords and stores them on the user's device and/or on an Internet cloud server.
The password manager software uses a master password, with which the user locks and unlocks the encrypted passwords. Basically, users can access hundreds of online accounts by entering a single master password.
Thus, password managers provide users the much-required convenience of accessing hundreds of online accounts by a single master password.
As a long-time researcher of information security, I have a serious question about whether password manager software improves security or lowers security.
The proponents of password manager applications say that reusing the same password is too vulnerable because if the single password is compromised, all the online accounts are compromised for good.
But password manager applications secure multiple online accounts with a single master password. Is that not equivalent to reusing the same password for many online accounts?
The master password of a password manager will be an easy hole in the security bag or a single point of failure! If hackers can steal/hack the master password, they can access hundreds of online accounts of the user!
Are the sellers and proponents of password managers not seeing that they are committing the same mistake, i.e., reusing the same single master password to secure hundreds of online accounts?
Password manager applications provide the convenience of accessing hundreds of online accounts with a single master password.
As security and convenience are inversely proportional, the convenience of password managers brings down the security of online authentication.
Password managers are as vulnerable as reusing the same password for many accounts, because they reuse a single master password for many online accounts.
I proposed a solution to surmount this problem, without falling into the trap of "single point of failure" of password managers, and utilizing the power of human brain memory.
It details "How to Strengthen Password Security Using Brain Memory."
My technique is more secure than using password manager applications.
And, it does not require any licensing fees or installation of any software application. The password security solution is absolutely free.
Text Copyright © 2022 Debesh Choudhury — All Rights Reserved
Aug 11, 2022