What is a Password Manager?
A password manager is a computer application that stores passwords, generates new passwords, and saves login information. They are a must for anyone who has more than a handful of online accounts.
Password managers are able to generate a strong password and use a different password on each website. All of your passwords will be stored in one place, behind one master password. You’ll only need to remember one master password, and all the account-specific passwords can be stronger and unique
Reasons to Use a Password Manager
Today it is common for one email address to be used when registering for most if not all of your online accounts. This is one reason why it is important to use a password manager. Some other reasons include:
- Provides protection from browser integration issues / errors
- Offers efficient generation of passwords
- Provides phishing protection
- Easier access across many platforms
- Surveillance safeguards (so someone looking over your shoulder won’t see your password).
Password managers are a very safe way to manage your passwords. Most security experts recommend them. Companies who create password management software usually don't (shouldn’t) know your passwords. So even if the development company is hacked, your data remains safe, in theory.
Local Password Manager
An offline or local password manager tool stores the data on your own computer or device. Passwords can be kept in an encrypted file on your computer's hard-drive, separate from the actual password manager. Users who don’t want to trust “the cloud” may want to choose this option. One downside to this setup is that if you lose your device or your PC’s storage device dies, you will lose your password vault.
Your web browser’s password manager is an example of a local password manager. A browser manager is better than using no password manager, but there are drawbacks. While this scenario often uses encrypted data and allows you to sync to other devices, they are not as powerful or secure as third-party applications specifically designed for only password management and security. For example, web browsers lack features like built-in password-sharing, they don’t autofill, they're limited to one specific browser, and they only store passwords. Third party managers offer more capabilities, like managing secure notes, files, secret bookmarks, etc.
Cloud-Based Password Solution
The other major category of password managers is cloud-based.This is where fully-encrypted password data is stored on a secure online server. Cloud-based password managers are becoming more popular due to their convenience: users can access their passwords from anywhere without needing to sync data between devices.
To find a password management software that fits your specific needs, check out our own Password Managers Comparison research. There you’ll find Doakio’s custom password managers survey which will allow you to input your own rankings for each of the password manager features.
Token-Based Password Managers
Many of the most secure managers offer a security token that is used to electronically prove the user's identification. Some examples include: a wireless Bluetooth token or a USB device or a programmable electronic key fob. Investopedia states: Single sign-on services also use security tokens to log users into third-party websites seamlessly. Disconnected tokens are not linked to the computer or network in any way; rather, the user enters the information from the token manually into the system. Connected tokens work electronically and automatically transmit information to the network once they're connected.
Common Password Manager Features
Here is a list of the most common features (in order, first being the most common):
- Application-Level Encryption: Data is converted to a code before being stored.
- Windows Support: Compatible with Windows Operating System
- Android Support: Compatible with Android Operating System
- iOS Support: Compatible with iPhone/iPad Operating System
- Cloud Support: Hosts data on the cloud; users manage their account via the cloud.
- Mac OS Support: Compatible with Mac Operating System
- Chrome Support Integration: Compatible with Chrome Browser.
- Firefox Support Integration: Compatible with Firefox Browser.
- Export Data: Easily take your data or other information out from the account and save it locally or move to another application.
Tips for Added Safety
To increase safety when using a password manager:
- Make sure your master password, and all your passwords, are strong and are different from each other.
- Instead of using auto fill, copy and paste your passwords.
- Double check your page URL to make sure it is both correct and secure before pasting any passwords into websites.
- Make sure you log out of the password manager whenever you are done using it.
- Keep software updated (this will ensure security patches are applied quickly).
- It’s best if your password manager does not have a password recovery option since this provides a weak point that hackers could take advantage of. Or at the very least, password recovery should involve multi-factor authentication that is aligned with your threat assessment level.
- Whatever type of password management software you use, it is still wise to periodically backup all your data.