November 8, 2018 Blogby Andrei Sfat

The best way to store your passwords

 Online passwords are the most commonly used way to prove your identity when using websites, email accounts and even the devices we all use on a daily basis. In  my previous blog post, I shared with you some tips and tricks on how to create strong online passwords. A logic successor to this blog post would be to explain how passwords can best be stored and maintained. Well.. That’s exactly what this blog is all about.

 

Where does it go wrong with password storing?

Online passwords are the most commonly used way to prove your identity when using websites, email accounts and even the devices we all use on a daily basis. In my previous blog post, I shared with you some tips and tricks on how to create strong online passwords. A logic successor to this blog post would be to explain how passwords can best be stored and maintained. Well.. That’s exactly what this blog is all about.

To give you an idea of how big the problem of password storage and maintenance is, I’ve gathered some facts and figures*. On average, consumers:

 

  • have 6.5 different passwords in use;
  • use 25 accounts that require passwords;
  • share each password across 3.9 websites;
  • type in about 8 passwords on a daily basis.

 

These numbers even increase when applied to business employees. On average, business employees:

 

  • have 191 passwords in use;
  • use credentials to log in 154 times per month

 

And of all confirmed data breaches, about 81% finds its origin in passwords.

 

The three most common ways to store your passwords

  1. Remember all passwords by heart

Strangely enough, this is still by far the most used way for password storage. The tricky part here is that one cannot remember a wide variety of passwords, resulting in wide reuse across multiple applications.

Reusing the same password causes security issues, because if one of your websites gets hacked, all remaining websites get exposed too. A hacker can easily try to log into different platforms using the same credentials, and guess what? He will probably be successful.

Tip: try  https://haveibeenpwned.com/ to check whether your passwords have been comprised!

 

  1. Write them all down (on paper)

You’ll be surprised how many people still write down all of their passwords (on paper). The upside of this option is that it allows you to use different passwords for each website.

The downside is that one can lose the passwords, whether written down on paper or on one’s computer. And, of course, paper can get lost and if you lose that paper, you don't have another place to look for it.

 

  1. Use password manager tooling

The third and best option to store your password is to use so-called password managers. A password manager is an application, online or offline, that is meant for keeping passwords. Think of it as a database for all your passwords.

The great upsides are that you have to remember only one password to log into the application after which the password manager helps you generate highly secure passwords for an endless array of applications. And as all these passwords are encrypted, hackers will not be able to view them in the unlikely event of a hack.

 

The best password management tools out there

There are quite a few password managers out there that are widely used and considered as highly secure. I have done an attempt to list the top 4 password manager tools below:

 

LastPass

One of the most widely used password managers is LastPass. LastPass is an online password manager that is integrated with your favorite browser (you need to install an extension for ease of use, like autofill of credentials or autologin).

A cool thing of LastPass is something they call 'Security Challenge'. With this feature, the app analyses your passwords and checks them on compromised websites, duplicate passwords and shows which of your passwords are actually weak.

 

1Password

1Password is an alternative for LastPass, but it is limited as it can only be used on Mac OS X. If this is not a problem for you: personally, I like the ease of use of 1Password better.

 

Dashlane

This is another player in the space of password managers. A lot of people are very happy with Dashlane.

Personally, I’ve used it for a bit, but did not end up using it. I got a few hit-and-miss auto logging in a few websites and for some websites it would paste my password in a visible input text. Not quite safe, right?

 

KeePass

KeePass distinguishes from the competition by putting great emphasis on privacy awareness and is therefore preferred by privacy-savvy users. KeePass keeps your password database offline, so you are in charge of syncing it across multiple devices.

 

As you can see, having a password manager has a lot of advantages and it makes your life easier. Setting up one password manager is pretty straightforward.

So, why you don't you go ahead and start using one and see how it will ease your online life.

 


 Andrei Sfat

Developer at iWelcome

Andrei works at iWelcome’s office in Cluj, Romania, as a Team Lead developer. Besides his passion for IT, Andrei is an active blogger on a wide variety of topics on privacy and software development technologies like Java and Elixir. You can check his blog.


 

 Feel free to repost this blog on your website or social channels! But when you do so, please be so kind to mention the source and give us a notice via  marketing@iwelcome.com.

 

* Sources used for facts & figures: