Top Reasons To Use A Password Manager

Brett Russell    brett.russell@envisionitllc.com
October 19, 2015

Top Reasons To Use A Password Manager

Using a password manager is a great way to improve personal security while also easing the burden of the ever-increasing number of accounts we acquire.  Password managers address several key points in password security: 

Unique Passwords

One of the biggest mistakes that people make is using the same password for multiple websites or other services.  It’s understandable, as most people would not want to or even be capable of remembering dozens or hundreds of unique passwords (especially complex ones!), but doing so means that when your account at one website is compromised, all places that you use the same credentials for are immediately threatened.

By removing the need to remember passwords to each site or service used, a password manager makes it easy to have unique passwords to each site.  At that point, you only need to be concerned about the individual account that’s been compromised, knowing that it won’t affect your accounts at other sites. 

Password Complexity

Another aspect that password managers simplify is password complexity.  If you’re relying on password memorization, chances are that the passwords you use are made up of words and possibly hold personal value (the name of a child and their birth date, for example).  These passwords may very well comply with operating system or other requirements, but that doesn’t inherently make them good passwords.

Using a password manager makes it easy to get in the habit of using long, randomized passwords full of upper and lower-case letters, numbers, and symbols that decrease the chance of being broken by brute force or dictionary attacks.  Since you’re usually using the manager to fill authentication information or using copy/paste for the password, it is no harder to have a good, strong password than it is to have a short one.  Many such tools have built-in password generators, often with the ability to set password parameters, such as length and which characters to include/exclude. 

The only downside to getting accustomed to automatically generating long, complex passwords is that you’ll occasionally be annoyed when your bank or another website inexplicably restricts passwords complexity (to 8-character alphanumeric, for example).

Password Changes

While there is some debate about the value of changing complex passwords on a regular basis, often policy or regulation requires it.  Many password managers allow you to set password expiration timers so that you can maintain a schedule for changing individual passwords, should you desire or be required to do so.

With the increased number of high-profile security breaches, it may only be a matter of time that one of your passwords needs to be changed and a password manager may be able to assist you.  Many tools allow you to change some website passwords right from within the interface, while some will even alert you in the event that one of your accounts may have been compromised.

Get Rid of Sticky Notes

It may be cliché, but storing passwords on sticky notes under keyboards, on monitors, in drawers, or other locations is something that many users still do.  By storing your strong passwords in an encrypted database that password managers use, you are significantly increasing the difficulty another person would have accessing your passwords and reducing the risk that you lose a vital password.  You can keep the database in the cloud, on a USB drive, or on your local disk; just make sure that you have a backup stored somewhere in case you can’t access it via your primary method or in the event of system failure.

 You can further improve security by using multi-factor authentication (MFA), such as fingerprint scanning, Windows Hello, Google Authenticator, or a key file on a USB drive.

The Tools

A few popular password managers are listed below, for convenience.  There are many others out there that may suit your needs better, so compare or even try out a few to see what works best for you. 

Perhaps password management will become less of an issue as Single Sign-On (SSO) standards are adopted, but for now utilizing a password management tool can help make your accounts more secure and easier to maintain.  Just make sure to use a good, strong master password and don’t forget it!

Tags: Auditing, Password, Security, Technology