Why password managers are a must in this new cyber world
Passwords are your first level of security in the digital world. Read our article to know how to keep your passwords secure, complex yet easy to remember and use.
You might have probably heard from other sources that using the same password for all your social media and email accounts is probably the worst thing to do. In fact, I can go further by stating that it is exactly the same as having no password at all for the remaining accounts. You see, determined hackers can easily gather your password with a simple phishing attack and using the same password for all your accounts means that by using the one password, a hacker can pretty much easily log in to all your accounts.
So most of you might go ahead making different passwords for all your different accounts. But who is going to remember all these large strings of text? Unless you're a memory champion you are bound to somehow mix all things up and get confused someday. So now you may think that why not write down all passwords in a diary. Again that's only the second worst thing you can do, as having a physical copy is not reliable. You might lose it or someone might accidentally read it.
Google has come up with new protection for all high-value users such as IT admins called Titan Security Key. It is basically a physical USB drive which has encrypted data about your login and can be used as 2FA (2 Factor authentication). The device has firmware which is officially designed by Google and also has the company's official tamper resistant module chip. This means that any unauthorized actions on the device results in the device wiping itself of all the data and it can't be used for login. So good luck to all the hackers trying to steal this and hoping it will miraculously allow you to log in :)
But unless you're some famous guy or a Google employee you can't get your hands in this device at least for now. So what other options you are left with?
The only almost perfect option is to go for a trustworthy and reliable password manager. Believe me, it makes your life much easier. Most ordinary people's first-hand impression, when they hear about password managers, is that they are really geeky stuff and fairly hard to work with.
In my opinion, it is one of the easiest and most straightforward things you can do to secure your identity on the internet. Moreover, using a password manager allows you to keep all your password in one place. Even though this is exactly the same as listing down all passwords on a diary. There's a most important difference, Password managers offer the best AES-256 bit encryption. This means that not even the developers of the password manager app can read your data.
So what in the world does encryption mean? According to Wikipedia:
In cryptography, encryption is the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot. Encryption does not itself prevent interference but denies the intelligible content to a would-be interceptor. In an encryption scheme, the intended information or message, referred to as plaintext, is encrypted using an encryption algorithm – a cipher – generating ciphertext that can be read only if decrypted.
Moreover, AES-256 encryption is one of the most strongest algorithms out there, it would take years to hack this encryption system even with the right tools. So hackers might probably drop it unless they have some personal anger with you!
AES stands for Advanced Encryption Standard and is used by the US government, NASA, ISRO etc. This type of encryption as I mentioned earlier is quite unbreakable. Many attempts have taken place to crack AES encryption but none of them is economical so far.
Even most of the famous tech companies like Google, Whatsapp, Instagram, Facebook use this encryption to store user credentials on their system.
Another big advantage of a password manager is that they offer auto-fill services. This is not the kind of crappy buggy old autocorrect on your smartphone. The auto-fill feature basically means that whenever you open a particular website for eg: Facebook.com, if the password manager has the site name and its login credentials saved on it, it will automatically fill the credentials in the required fields whenever you visit facebook.com. Freaking awesome right? This ultimately means that you won't have to type it in the credentials but only have to just press the enter button.
Wait there's more since all password managers are based on the cloud, you can virtually access your passwords from anywhere around the world provided you have a working internet connection.
5 most famous password managers
Each one has its advantages and disadvantages, but the one that stood out the most on our tests is LastPass.
For the purpose of this post, we are using LastPass password manager as it is one of the most user-friendly, packed with full of features and offers great value for money. In fact, the free version offers enough features for small home users. But if you want business level features you may need to go for the PRO version.
I am sure there are people around us who still set their password like "1234", "abcd" and even put it as simple as "password". Well, this is one of the worst things you can do as even with a password manager, if you set your password like the one above, none can help you because of your foolishness. Most hackers try to type the above obvious and insanely common passwords and also try your name, relatives name etc. If none of them work then only they will move towards the real brute-forcing attack as it is time-consuming.
For all those wondering what brute force is, in cryptography, a brute-force attack consists of an attacker submitting many passwords or passphrases with the hope of eventually guessing correctly. The attacker systematically checks all possible passwords till the correct one is found. In iPhones, if someone tries to unlock the phone with the wrong pattern or pin for more than 10 times, all the data will be wiped from the iPhone. This is a security measure introduced by Apple against brute-force attacks.
The best password should have a combination of letters, symbols, numbers, uppercase characters, lower case characters etc. LastPass helps you do just, it can help you to generate random passwords with the above conditions with just a tap and save it in its vault or directory. This will make the hackers work so hard as it will eventually take hundreds of years to crack the password, even with brute force.
LastPass can also identify phishing attack as it will always check if both the URL's i.e. the one you entered on your browser and the one that LastPass has on its server before auto filling the password on the website. If the website is found to be a scam it will not fill the details on the site. Thus saving your account from a hacker.
As an added tip it is pretty easier to find a phishing attack: Just check if the website you are visiting has the green padlock icon in the URL address bar, this means that the site has SSL which stands for Secure Socket Layer and this means that all the details you type in are going through a secure pipeline or tunnel where no outsider other than you and the website can view sensitive information. All SSL sites start with https which stands for hypertext transfer protocol secure.
LastPass also comes with a weekly password challenge test that allows you to check the integrity of your password vault and urges you to change your password regularly which is really a healthy habit in the tech industry.
The decryption and encryption of passwords in the LastPass vault are done locally inside the system. This ensures the ultimate level of protection one can ever hope to get. All this for free, what more do you want!
LastPass also has an Android and iOS mobile app so that you can easily login via your smartphone. The app is quite handy and the auto fill feature works like a champ. LastPass app runs in the background and consumes very little memory and ram of your smartphone. Moreover, it does not consume too much battery. In fact during our test it only consumed <1 mah battery per hour.
To conclude, here are some tips that you should follow while making a password:
Concluding, all Internet users must have a unique password and password managers are things what makes this possible. The longer your password is the more stable it will be. You can use any password managers you like but make sure it's a known and trustworthy brand.