10 November 2021
The problem with passwords
We are all required to create and remember passwords on many websites and apps that we use. Moreover, we are requested to use stronger, longer passwords, and we need to change some of them quite often. But how much passwords can we remember?
Unfortunately, many people tend to use the same password across multiple services, recycle old passwords and when they need to change a password, they just replace a single character or add a different number.
Even though you may think this is OK, this is in fact extremely insecure since attackers and hackers will reuse any credentials (usernames and passwords) that are stolen in cyber attacks and try them on other websites. So if you reuse the same password, even with slight modifications, such passwords can be used to access other services using your user ID.
Credential attacks are on the increase, since any stolen credentials are extremely useful for attackers. Such stolen user IDs can be used to impersonate victims and are used to launch other attacks, apart from also being used to target the victims in further fraud that can have serious financial and legal repercussions.
What is a Password Manager?
A Password Manager is a service that is meant to help you manage all your usernames and passwords without having to remember your passwords. Sounds useful right?
In fact this is extremely useful and quite easy to use. Some of the best Password Managers are free and very secure. They would be accessible through a website, and most of them also provide a mobile app and browser extensions.
So how does it work?
Why do I need to use a Password Manager?
The simple fact is that no one can remember tens or hundreds of unique, strong passwords. Technology comes to our rescue in this case. You just have to remember one password that protects all your other passwords. All the credentials are stored securely, being encrypted using very strong encryption and backed up automatically by the Password Manager service itself.
Can’t I use the “remember password” feature in my browser?
Although the “remember password” feature may sound similar to a Password Manager, this is in fact quite different. First of all, the passwords are not always strongly encrypted and can be accessed by anyone having access to that device. Moreover, features such as password generation are usually missing. A Password Manager will also allow you to securely access your saved credentials from multiple trusted devices, when you securely log in using your main password and confirm your authentication with multiple factor authentication, like the fingerprint reader mentioned earlier.
Where do I start?
There are a few Password Managers that we are comfortable using, some of the best ones are free of charge for personal use. If you search for “best free Password Manager 2021” you will get reviews of these products and you can select the one that suits you best.
Remember – using a unique password per site/service/app is the most important lesson here. This is a basic cyber hygiene tip that if followed, will surely help you avoid being a victim of most cyber attacks. A good Password Manager is a very easy and effective way to do this.
By Jocelyn Daja; Information Security Analyst, Digital Team at GO