What Is A Password Manager?
A password manager is an application that is used to store and distribute your passwords in a secure and effective manner. They can store information for all your digital accounts, including passwords and other sensitive data. The platform will then allow you to autofill passwords to known and verified login pages, either application or browser based.
The benefits of password managers include:
- Save Brain Space: By using a password manager, you do not need to remember multiple complex passwords. Instead, you only need to remember a single, complex master password to unlock your other passwords. According to BitWarden, 51% of those who use password managers do so because they have difficulty remembering all their passwords.
- Improving Online Security: In reducing the number of passwords that a user needs to remember; the individual passwords can be more complex and secure. Beyond this, password managers have a series of security features to enhance security. This can include MFA and dark web scanning to identify any password breaches.
- Streamline Login: As users can autofill passwords to login pages, the time taken to login and identify the correct password for each account is reduced. While this does not sound like a substantial saving, it saves time and allows users to stay focused on their work. 53% of users say that they want to share their logins across devices, allowing them to improve productivity.
- Password Generation: Rather than asking users to create a secure password that they think is unique, many password managers can generate passwords that are truly random and complex, making them much more secure.
We’ve curated a list of password managers that are ideally suited to business environments, you can read that list here:
How Do Password Managers Work?
Password managers store your individual account passwords within a secure, encrypted vault. Users can access and deploy these passwords by using a master password to access the vault. This is the only password that a user must remember, allowing it to be long and complex enough to add to your level of security.
The first stage in setting up a password manager is to create a secure master password. While this password should be complex and highly secure, it is the only one you will need to remember. It should be:
- At least 16 characters long
- Contain a mixture of letters, numbers, and special characters
- Be unique and not reused
While setting up your account, you should implement MFA to add another layer of security to your accounts.
Once this account is created, you can begin to store your sensitive information in the vault. While this may primarily be account login credentials, you can also store sensitive documents and files within it. When you need to login to an account that has credentials saved in a vault, you will be prompted to autofill these. If you have already logged into your password manager during that session, this will happen automatically. Otherwise, you may be prompted to log in to your password manager, using MFA to confirm that you are the right user.
That’s all there is to it. There are other features that are included as part of a password management platform. This can include password generators that create complex passwords for your stored accounts. Password managers can also share passwords to different browsers, and to devices that are linked to your account.
While password managers are typically delivered as a SaaS product with monthly or annual subscription options, many operating systems have their own password manager. Windows, Android, MacOS, and iOS have all added this capability in recent years. One of the benefits of this approach is that you don’t need to install a third-party application.
For more information on how browser-based, cloud-based, and desktop-based password managers differ, you can read our article here:
How Effective Are Password Managers?
In the fast-paced world of cybersecurity, security teams and attackers are engaged in a relentless cycle of innovation. As security teams try to innovate, attackers look for loopholes, security teams then innovate again to close loopholes, then attackers look for more loopholes. This cycle is constant and will continue to be so. No matter how effective a new security feature is, attackers will constantly look for ways to get around it.
The consequence of this is that no security feature can guarantee to keep you 100% secure. However, when it comes to password managers, the most common cause of breaches is down to human error. It may be that they use their master password across multiple accounts. This threatens all of the passwords and data saved within a manager. We would also recommend using a provider where passwords are stored on your device. This is important as it eliminates one area where attackers can target your data.
Password managers deliver a high level of security through multiple individual features. This includes encryption, MFA, password cycling, and dark web scanning.
So, in one sense, password managers can never be fully, 100% effective. That being said, they are a vast improvement to the alternative: nothing.
Password managers enforce secure password practices, whilst reducing the burden on the user. This allows all of their linked accounts to be secured using effective and comprehensive security measures. It also allows individual users to prioritise productivity through password auto-filling and sharing passwords securely between devices and applications.
How Do You Choose The Right Password Manager For Your Use-Case?
When it comes to selecting the right password manager for your organization, the first thing you should do is ask questions. If you don’t understand how your organization works and what you’re looking for in a password management tool, you’ll not be able to find an appropriate platform.
- How many users need to be secured?
- Does the vault need to store additional data, other than passwords?
- Is offline access needed? Would a cloud, browser, or desktop-based solution work best?
- Do you need additional capabilities such as secure password generation?
Once you understand what you are looking for, you can begin your research. Some key features to look for include:
- Customizable MFA
- Cross platform sharing
- Admin reporting and monitoring
- Dark web scanning
You can read the details on the top password managers for businesses in our article here:
When trying to answer the question of ‘how effective are password managers?’ the answer is clear. Password managers are very effective means of protecting your passwords and improving productivity. They greatly reduce the chance of passwords being compromised and make it easier for you to deploy complex passwords across all your other accounts.
That being said, no cybersecurity solution is perfect. No matter how small the chance, there is always a possibility of being breached. Because of this, you should still take a cautious attitude to password management, even when using an effective solution.
The most effective means of protecting your passwords is by using an effective password manager and having a cautious and robust approach to password security.