How Password Managers Work (and Why You Should Finally Start Using Them)
Take a moment and list all the digital accounts you’ve signed up for, and there’s probably more than you thought: email, social media, banking, streaming services, cloud storage, music, gaming and fitness… it all adds up. But using the same credentials for every service is a bad idea, and if you’re reusing passwords across different accounts, let me summarize the simplest piece of advice you should take away from this article: Don’t. But of course, it’s nearly impossible to remember as many unique usernames and strong passwords as you need for different accounts. This is where password managers come to the rescue.
Password managers hide your various login credentials behind one master username and password, so logging into a password manager gives you access to everything else. It’s a secure alternative to writing down passwords or saving them in a spreadsheet, more secure than your memory. They can often store other data as well—such as credit card numbers, PINs, and authentication keys—and can also provide you with additional features such as data breach scanning for your credentials. If you haven’t switched to a password manager yet, consider this a sign to get started. It can be intimidating at first, but getting started may be easier than you think.
Some of the most important password manager features
Password managers are a little different, but you’ll find many of the same features across brands. First, they store your passwords—often the ones that pop up on web browsers and phones when you need to sign into an account—and provide you with login credentials with one click or tap. However, as login technologies have evolved, so have password managers. Many can now also help with two-factor authentication codes and access keys for websites or applications that require more than just a username and password. At the same time, these password managers are protected by a primary username and password that you need to remember, and often biometric authentication.
Most password managers also offer strong passwords for new accounts: passwords that mix random special characters, letters, and numbers, making them extremely difficult to crack. With a password manager, you don’t actually need to know what your passwords are—the program will do everything for you. You’ll often see that password managers also offer additional security features, ranging from notifications about duplicate passwords to monitoring your email addresses, usernames, or passwords on the dark web. If your login information becomes the result of a data breach, you will be alerted and have the option to change it.
How password managers protect your data
You may be wondering how password managers keep your passwords secure and private. The details vary depending on the software package, but they will always use end-to-end encryption with your master password as the decryption key. This means that no one else – from hackers to password manager developers to government agencies – will be able to access your data without this password. Additional security measures are often used. Let’s take 1Password as an example : it uses PBKDF2 key amplification (Password Based Key Derivation Function 2), which, simply put, means that passwords are so obscure that they would take decades to crack . It also provides users with a secret key known only to them, which acts as an additional layer of security on top of your password.
In other words, you can’t just use your pet’s name as your password manager password. Additional layers of security are often added, including two-factor authentication and biometric scanning. If your credentials need to be synced across multiple devices, strong encryption protocols are again used. Without your password, the data is useless and only you know your password.
Most password managers now offer a combination of local and cloud storage options, since we all need passwords on so many devices. However, it’s worth keeping in mind that the fewer places you have your password manager installed, the less likely it is that someone else will have access to it, which is why some users simply keep their password manager on their phone.
Why you should use a password manager
Simply put, using a password manager is much more secure than other options, such as hosting them in a Google Doc. Let’s say, for example, that you left your laptop unlocked and someone sat on it. With a Google Doc, that person is more likely to have access to your document with a password than with a password manager, where they would need an additional level of access.
Free offerings from Google and Apple have improved significantly in recent years, but they still don’t provide the level of protection, breadth of functionality, and cross-platform support of the best dedicated password managers. One example: In the case of Google Password Manager, on-device encryption (meaning you manage the decryption key locally, as with a password manager, rather than Google managing it) remains an optional feature that you need to enable rather than being enabled by default.
Considering the protection and features that dedicated password managers provide, it’s usually worth investing in for most people. Some software packages offer a free tier, but these may be limited in terms of the features you get and the number of devices you can use them on. You can expect to pay a few dollars a month for most apps, but you can also look for bundled deals that include VPNs and ad blockers, for example. However, whatever brand or package you choose, you should start using a password manager. You get a personal password vault, plenty of protections to keep it safe, and additional features like data leak monitoring and strong password generators. Plus, the best password managers sync easily across all your devices and are ready when you need them.