How safe are your passwords?

I don't just mean how cryptographically secure are your passwords. I mean do you even know all of the passwords that you may need on any given day? Truth is, a lot of people do not. Worse still, a lot of people do, but only because all of their passwords are the same. This is a big no-no when it comes to security. We are going to take a look at what you can do about it. This is a continuation of our series on silly mistakes businesses make with their IT, so be sure to check that out.


Use a password manager

A password manager is a piece of software which lets you securely store and access your important credentials. When you need to access something you don't remember your details for, you generally just open up the password manager, type in your master password (or use your key file - more on that in a minute) and you then have access to your passwords and usernames.

The benefit of this is that you can now use more secure, harder-to-remember passwords without worrying about forgetting them.

How secure is it though?

Password managers are usually unlocked with a master password, a key file, or a combination of the two. The password will usually need to be secure, but easy to remember. The key file is - unsurprisingly - a file which acts like a key. When you want to open the password manager, you plug in the USB drive holding the key file (or go to wherever you store it) and select the file. Using a combination of these two methods results in a very secure system.
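To show why combining the two is stronger than either alone, here is an added example (not code from any of the password managers mentioned in this article) that derives a single unlock key from both the master password and the key file. The function names, the PBKDF2 work factor and the sample password are assumptions made for this sketch.

```python
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 200_000  # assumed work factor for this sketch


def composite_key(master_password: str, key_file: bytes, salt: bytes) -> bytes:
    """Derive one 32-byte database key from the password AND the key file."""
    # Hash each factor on its own so both always contribute a fixed 32 bytes.
    pw_digest = hashlib.sha256(master_password.encode("utf-8")).digest()
    kf_digest = hashlib.sha256(key_file).digest()
    # Stretch the combination so that guessing the password is slow.
    return hashlib.pbkdf2_hmac("sha256", pw_digest + kf_digest, salt,
                               PBKDF2_ROUNDS, dklen=32)


def create_vault(master_password: str, key_file: bytes) -> dict:
    """Return the public header a (hypothetical) vault file would store."""
    salt = os.urandom(16)
    key = composite_key(master_password, key_file, salt)
    # A keyed check value lets us test an unlock attempt without storing the key.
    check = hmac.new(key, b"vault-check", hashlib.sha256).digest()
    return {"salt": salt, "check": check}


def unlock(vault: dict, master_password: str, key_file: bytes) -> bool:
    """True only if BOTH the password and the key file are the right ones."""
    key = composite_key(master_password, key_file, vault["salt"])
    candidate = hmac.new(key, b"vault-check", hashlib.sha256).digest()
    return hmac.compare_digest(candidate, vault["check"])


# Constructed sample inputs: a random key file and an example password.
KEY_FILE = os.urandom(64)
PASSWORD = "correct horse battery staple"
VAULT = create_vault(PASSWORD, KEY_FILE)

if __name__ == "__main__":
    print("both factors:      ", unlock(VAULT, PASSWORD, KEY_FILE))
    print("password only:     ", unlock(VAULT, PASSWORD, b""))
    print("key file only:     ", unlock(VAULT, "", KEY_FILE))
    print("wrong key file:    ", unlock(VAULT, PASSWORD, os.urandom(64)))
```

Because the key file contributes random bytes that cannot be guessed the way a password can, someone who learns the password still cannot open the vault without the file, and the reverse is also true.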

How safe is it then?

The biggest concern with many password managers is their central nature. The database is usually stored as a file on your computer. Unless you are using a cloud-based solution, you will want to back up your database and maybe your key file too (separately, of course).

What Password Manager should I use?

When it comes down to it, you have a few options.

LastPass is a decentralised cloud-based password manager. It is available for free, but there is also a premium plan for $2 a month.

1Password is very similar to LastPass, and there is nothing wrong with that. It is always good to have multiple options in the tech scene when it comes to software. 1Password's premium packages are $2.99 for a single user, and $4.99 for up to 5 users.

KeePass is a bit more of a DIY solution. It is not cloud-based (although you can still sync your database with something like Dropbox), but arguably has more customisation. It is also open source (and OSI certified), meaning that you don't need to pay anything for it, and that developers can modify it. The benefit of this is that there are versions of it for virtually every platform.