A Password Manager is…
…a piece of software that remembers all your passwords for you. Because you have too many passwords to remember! And it is bad practice to use the same password for more than one account. And each password needs to be complex enough to be secure, which makes them harder to remember, with the random numbers and symbols included.
This short video from PC Mag gives a nice overview of what a Password Manager does and why:
To use the password manager, you only need to remember one master password to get in, and all the rest is done for you.
But is it safe to “keep all your eggs in one basket” like this?
There ARE risks involved in using password managers:
- like any software, they can have vulnerabilities
- they would be an obvious target for an attacker
- staff may initially be reluctant to use them
However, the NCSC (National Cyber Security Centre) recommends the use of a password manager as a tool to generate and retrieve multiple passwords. They say “while password managers aren’t perfect, we believe that the benefits outweigh the risks, and password managers will improve your security overall”.
So which Password Manager should I choose?
There are several things to consider:
- Is it easy for my staff to use?
- Is it for one device only, or do I need it to also work for my phone, laptop etc? If more than one, is it supported by all of the different platforms?
- Is the encryption algorithm strong enough?
- Is the added security of multi-factor authentication available?
- Could I export the passwords if needed?
- Will it tell me if my passwords have been compromised?
- Will it auto-fill browsers and forms for me?
- Does it generate secure passwords for me?
For further advice on this, or any other matter of IT security, contact us for a chat.