With so many accounts and apps nowadays, it truly is a chore to manage our logins and passwords. You could try writing them down, or using the same one for all accounts, or just keep resetting them each time you forget, which is super annoying after the 3rd time.
You should consider a password manager, it is like a contacts for phone numbers but for passwords and accounts. Plus, many password managers come with other security tools that help such as dark web searches for your data, password generators and other cool stuff you would never think about.
Security expert and trainer Troy Hunt has written about the benefits of password managers and says they don't have to be perfect, they just have to be better than not having one .
There are many password managers and figuring out which one is up to you. There is one consideration you should be aware of, some managers store them in the cloud and others store them locally on your computer. Cloud storage puts you at more potential risk versus local storage, which doesn't need an internet connection to get the passwords.
Cloud or Local?
Cloud storage can sync across all your devices which is very convenient. The keys to encrypt your password, before sending it to the cloud, are stored on the device, they are not sent over the internet. The password stored in the cloud is encrypted and can only be decrypted from your device which requires a master password, one that you would write down or remember. In essence, only you can decrypt your password!
It would take a hacker years to crack all those stored encrypted passwords if they managed to break into the cloud database. There is always the very real possibility of a security vulnerability to be exploited by a hacker. A database full of passwords is a much bigger target than a single individual.
Additionally, do you want to give up control to a third party? You give up full control and are at their whims. For the paranoid, go for a local storage option. For the average consumer, go with a cloud option for ease of use and the power of device synching.
Checkout this extensive paper on password manager vulnerabilities and another one .
- Consumer Reports on Password Managers
- WireCutter: Best Password Managers
- Wired.com on Password Managers
- Top 4 Password Managers
Cloud Based Managers
Password sharing, browser extensions that auto-fill account login forms, credit card form auto-filling and password generators make life much easier and smoother. Think of all that time saved! Here is a list of even more.
Local Storage Managers
Not for the novice! With less features than cloud services, you will also need to back up your passwords in case your computer dies.
Hardware Based Passwords
Hardware based passwords use a physical key that generates a random password that syncs with an account. Only the person with the physical key can access the account. It is used at places like Google or for industrial systems. For consumers, this would be overkill. Unless you are paranoid.