What is Password Managers and Security - Information Technology

What is Password Managers and Security

Password managers now from time to time debates will come up about you know now at this point I want to acknowledge the many sources we can delve into trying to understand whether password managers are good or bad we first need to understand something about the security of passwords what makes a password strong what makes it weak only after we've understood that can we add password managers to the equation and see how it changes things up so yeah let's begin by discussing what makes a password secure to understand that we must first look at some of the ways in which passwords can be compromised first and foremost the easiest method is to use a brute-force attack and what that simply means is well you try every possible combination until you break through that is in fact the most straightforward way to crack a password however this is generally not practical because there are many combinations particularly with a long password and they' take too long phone you can a fast computer to crack however they're actually some techniques a hacker can use to sort of optimize this process but these methods are based on assumptions about your password for example a hacker can use a common passwords list this represents one of the weakest passwords out there if you pick some of the popular words that are used for passwords for example password another common technique is a dictionary attack they'll try to see if your password contains dictionary words that also you know reduces the possibilities that they have to search for and that is why this is one optimization technique as well of course you can beat both these techniques by using a password that is more or less random we've just discussed basically assume that well the hacker hasn't stolen the password directly from you you see as it turns out none of these techniques we've just discussed is particularly easy to pull off because it involves a lot of trial and error and sort of fighting with the encryption algorithm because these algorithms are generally very rigorous and secure in fact they might find a weaker link in this whole chain and that is you the user there are many techniques in which they can try to steal your password without even going near the algorithms one famous example of this is phishing phishing of course involves sending you an email that appears legitimate and thus tricking you into entering a password that they can actually intercept that of course means that the attackers don't have to go to the site itself and try their luck because you are willingly giving up your password this is just one of the many techniques within the white umbrella called social engineering and yeah it's actually a very white subject so it might come back to it at another time but there are many ways to actually trick you into giving up your password willingly Ida techniques they can use involve them watching you and sort of trying to understand your habits and

using that to figure out what you might choose as a password alternatively another way is it just install malware on your computer for example if they install a key logger everything you type in gets captured and that's how they steal your password so with this understanding of all the different vulnerabilities let us now move on to password managers let's try to understand how they can make things better or what additional risks they pose first let's try to understand what a password manager is and in doing so try to understand what are some advantages it may confer first and foremost a password manager is simply an application that stores your passwords for you obviously a good password manager will encrypt this information so that it cannot be easily stolen so right off the bat we see the most fundamental advantage of a password manager and that is the fact that you don't have to remember all your passwords you just need to remember one and that is your master password to get into the password manager and from that you will see the rest of your passwords of course that is the most basic most modern password managers let you do a lot more for example they can generate secure passwords for you for all your websites they can store your passwords to the cloud so you will never you don't have the risk of losing them and they can even autofill forms for you other site advantages that a passive major may confer is that they may just encrypt any fault they can also help you change your passwords rapidly across all the sites you have registered and they can even implicitly protect you against phishing attacks because if you're on a fishing web page the form will not autofill so yeah they're actually a lot of advantages which is why many people agree that you should use a password manager many argue that you are the weakest link when it comes to you know managing your passwords particularly because it's very difficult to create a password that is strong that is unique across all the websites you use and is something that you can actually commit to memory I guess that is the unfortunate thing about being human which is why I think some people agree that using a password manager can help us mitigate some of this risk having looked at the advantages of password managers that has now shift our focus to the disadvantages the first and biggest complaints about password managers is the fact that you're putting all your eggs in one basket your password manager represents a single points of failure if you lose your master password it's equivalent to losing all your passwords if the service provider of a password manager actually gets breached somehow even though this is extremely unlikely you will also lose all your passwords in one fell swoop of course the simplest way to reduce this risk is to remember the most important of your passwords so that even if something happens you are still able to salvage the situation I guess all the complaints about password managers can be bought down to this one statement and that is you are at their mercy basically you can only be as secure as the password manager itself is and

unfortunately a lot of the time we are not really well equipped to figure out whether a password manager is secure or not of course this generally isn't a problem if you pick a reputable password manager read around and try to understand you know what's available out there before making your pick this allows us to wind down to our conclusion and I want to take this time to point out a very important effect and that is that there is no such thing as absolute perfect security ultimately all you can do is to manage risk as mentioned sometimes the user is the weakest link in the chain which is why password managers are recommended most of the time a password manager doesn't mean you are absolutely secure but if in your use case they can give you a boost in security then it's something you can consider using I think the most important thing at the end of the day is for any user to understand what makes a password strong or weak by understanding where the vulnerabilities are we can make more informed decisions so yeah to reiterate basically you want to choose the password that is strong in other words one that is complex memorable and also not repeatedly used across multiple sites safeguard yourself against malware by making sure that your computer is up to date and that you have good reputable anti-malware software that is also up to date finally safeguard yourself against social engineering attacks if you never ever give out your password to anyone then chances are well you've minimized that risk keep an eye out on the URL bar whatever you're entering your password so that you don't fall victim to a phishing attack basically that's all there is for this particular article I know we've gone a very long way we've talked about password managers we've talked about you know good security in general but I think all of this is important ultimately at the end of the day it is your decision whether or not you want to use a password manager but ultimately if you understand what you're doing well you'll be all right...