password manager

Should I use a password manager? Simple answer: Yes

According to a 2021 article in The Guardian, ‘the tyranny of passwords’ may be coming to an end – well, at least some time in the next ‘two to five years. Biometrics (including not only fingerprint IDs and face recognition, but more sci-fi stuff such as tech that recognises the shape of your ears, how you hold your phone and move, and even breath detectors) will eventually save our overburdened brains from remembering if we used mYpa$$w0rD or MyP@ssWORd (please don’t use either of these!). In the meantime, however, how best to navigate the password conundrum of easy to remember/easy to crack versus impossible to remember? The answer is a password manager. Indeed, a good password manager can be your first and best defense against being hacked (as long as you are also avoiding phishing/smishing scams).

What IS a password manager?

When it comes to the safety of your accounts online, you should use a strong and UNIQUE password for each app or website you use. (Reusing the same or similar passwords across websites is a serious NO-NO, security-wise.) Apparently, on average, that’s around 190 passwords per person. Possible? Possibly… Likely? Not at all. This is where a password manager comes in. A password manager is a software application that acts like a digital vault, securely storing your login credentials, which are then encrypted with one master password. Once you’ve set up a password manager account, you only need to remember the one (strong and unique) master password. A good password manager will also generate strong passwords on your behalf, and provide auto-fill services, saving you from entering details such as postal addresses or credit card numbers each time you require them.

Password managers can be desk-top based (that is, storing your passwords locally on a device, such as your laptop), or cloud-based, whereby your encrypted passwords are stored on the service provider’s network (and can thus be accessed from any device, as long as you have an internet connection). Depending on the password manager chosen, your master password can generally also be further strengthened by enabling multi-factor authentication (MFA) and/or biometric authentication on your account.

Choosing a password manager

There are plenty of password managers out there – some free, some available via annual subscriptions. Options (in no particular order) include KeePass, Bitwarden, LastPass, 1Password, Dashlane, Zoho Vault, Keeper, and RoboForm, among scores of others. Differences can lie in whether they offer MFA or biometric authentication, whether they allow you to share passwords with trusted family and friends, and even whether they feature data breach scanners – scouring the dark web to check if any of your logins appear online.

To choose a password manager, ensure the manager uses industry-standard AES 256-bit (military-strength) encryption, as well as ‘zero-knowledge architecture’ (whereby your passwords are encrypted prior to leaving your device). Check as well that your chosen manager works across all of your devices (syncing between your computers and phones, if required). You can also take advantage of free and/or trial options in order to try a couple of different password managers to find the one that’s right for you.

Remember: once you’ve chosen a password manager, you need to protect your account with a master password (or a ‘passphrase’), which needs to be super strong and memorable. Once your account is activated, it is best practice to further protect it with MFA. Extra security can be applied by allowing access to the password manager only from registered, trusted devices.

Need more information? Contact Geelong’s IT security specialists

Alongside your chosen password manager, you should also ensure your antivirus software is up to date, check your overall cybersecurity, and always double-check the legitimacy of any apps or extensions you’re planning to install.

With decades of IT experience helping homes and businesses in Geelong, the Bellarine Peninsula, the Surf Coast, and surrounding regions, the Geelong Technology Group team are well versed in IT security and protection – if you have any questions about password managers or any cybersecurity concerns, don’t hesitate to get in touch:

1300 GET GTG (1300 438 484)

📧 support@geelongtechnology.com.au

📍 166 Francis St, Belmont

Cybersecurity

Cybersecurity and the Essential Eight

Although it may sound like a bulked-up bedtime story (remember The Famous Five?!) or a Tarantino flick, the Essential Eight is instead a list of eight essential strategies for Australian businesses to mitigate cybersecurity incidents. The Australian Government, in conjunction with the Australian Cyber Security Centre (ACSC), has created this security to-do list to help businesses and organisations avoid the – sometimes catastrophic – fallout that can occur following a targeted cyber attack.

Read more