Have you ever used any password manager? If not, then let’s understand why and how to use it?
Many of you may have used passwords before or using them now, whether it is for signing up to a social media accounts like Facebook, Twitter or while using email services like Gmail or logging into your Bank accounts.
If you are a person who uses the same and easy password in all of the online or social accounts, I would suggest you first change all of the passwords before reading this article. Because having the same password for all of your online activity poses a great security risk. If a hacker can get your single password then he can get into your all accounts. Normally hackers use some attacking tools to guess your password, if you have a weak password like “123456” or “abcdef” then these can be easily guessed by a dictionary attack.
Best Rules to create secure and strong passwords.
- Don’t use a repeated character or a series of characters (e.g., AAAAA or 12345).
- Don’t use a keyboard series of characters (e.g., qwerty or poiuy or asdfgh).
- Don’t use a dictionary word, in any language (e.g., apple or telephone) or a dictionary word with some letters simply replaced by numbers (e.g., a1ppl3 or t3l3phon3).
- Don’t use Personal information (e.g. Aadhar No., Voter ID, birthdays, names of pets or friends, addresses).
- Use a minimum of 8 characters
- Use Both Upper and Lower case Letters.
- Use Numbers and Special Characters.
- Use Word phrases.
Think of a word or phrase, and then substitute the capital and small letters with numbers and special characters and mix the case.
- Hall of Fame becomes [email protected]}
- Dinner Date becomes dIn3_R$%D6Te
The main reason people use the same password for all of their online activity is that it is easy to remember and people don’t like to set different difficult passwords in all the online accounts and remember every time they use it.
No one can remember all of the different difficult passwords.
I believe no one should remember all their passwords….
In this article, we will know about a secret called “Password Manager” that hackers don’t like but are advised by great security professionals all around the world.
So what is a password manager?
In simple terms, a password manager is a piece of software which creates, manages, encrypts and stores all your password in your computer or in their secured cloud servers.
“Like putting all your mangoes into one basket”
All you have to do is to remember one difficult Master password to log in to your account.
Apart from storing and accessing your password, you can generate a new highly secure password in the application while creating your new accounts or changing your current password.
You can store your addresses, Card Details for faster checkout.
Types of Password Manager.
There are mainly 3 types of password managers.
- Local Software
- Cloud-based web apps(Recommended)
- Token-based physical Devices
1- Local Software(Desktops, laptops, or smartphones)
Local password managers are installed on machines or mobile devices and fill in immediately. Normally these are offline and store all your password on the device itself.
Example software – KeeepassX, passkey portable, etc.
2- Cloud-based web apps
Web-based password managers encrypt all of your password and stores in a secure server or a database.
You can easily use it anywhere by installing respective clients.
Example software – Bitwarden, 1password, LastPass, Dashline, etc.
3- Hardware Devices(Like Smartcards or Secure USB Flash Devices)
Hardware Devices use a token-based mechanism to store passwords and give access to any website or service, that takes these devices as one of their authentication methods.
The data stored in the token is usually encrypted to prevent probing and unauthorized reading of the data. Some token systems still require software loaded on the PC along with the hardware (smart card reader) and drivers to properly read and decode the data.
Example – Yubikey
So which one to use?
Many password managers provide both local and cloud-based software.
Apart from the advantages they too have some disadvantages like locally stored software may be deleted if your computer is formatted.
Cloud-based web apps provide more features than the other ones like
- Password generator
- Password sharing
- You can use it anywhere at any time(Synchronization).
- 2FA(2-factor authentication)
Many cloud-based companies do provide free and paid services to use their product you just have to use according to your need.
Top 5 Password Managers.
If you don’t want to spend money on a password manager then I recommend using Bitwarden, because it is open-source and free.
Points to Remember.
- Do not use the same weak password in all your accounts.
- Use a password manager.
- Don’t share your personal information like your Bank account details, your Voter or Aadhar ID no. or D.O.B(Date Of Birth) with anyone.