Managing passwords can quickly become a real headache, especially if you want to follow good password practices. Indeed, it is recommended to use complex passwords by varying the types of characters, and therefore potentially difficult to remember, but also to use a different password for each service on which one registers.
Today, the majority of sites involve registration, especially when there is a notion of “account” or “personal space”. In the end, there are several tens or even hundreds of passwords that should be remembered. An impossible mission if you want to memorize everything.
Under these conditions, it is humanly impossible to remember all this information! This is where the password manager comes into the equation and changes your life!
Why protect yourself and use a password manager?
These days, computer attacks are very common, and even if an attack does not target you directly, it can target a website or a service on which you are registered. By using a different password for each site on which you register, you limit side effects.
Let’s take an example. You are registered on an e-commerce site and it is the victim of a computer attack. The attackers were able to recover the database, with customer IDs and passwords, including your information.
Thus, the malicious person will be able to use these identifiers (your e-mail address and the associated password) only on this site, because on the other sites you use other passwords! Therefore, you will only have to change the password on the compromised e-commerce site. If you use this password on 20 different sites, you must return to all of these sites to protect all of your accounts. A long and boring task.
Let’s assume that you use a different strong password for each site you register on. How are we going to memorize all of this information? This is where the password manager will prove to be extremely effective. Thanks to him, you only need to remember one password (referred to as the “master password”) which is used to unlock your password vault and access all of your saved passwords. Thus, when you connect to a site, the password manager will provide you with the identifiers corresponding to this site. Believe me, it’s much more convenient, advanced and secure than an Excel file or a notepad.
With a password manager, it becomes easy to use strong and different passwords on each site. Moreover, the password manager can generate passwords for you.
This is all the more important on sites where there is a notion of money, whether banking, sports betting or online casinos. Take the case of a Swiss online casino platform for example. Players are encouraged to pay money into it relatively often and to withdraw the winnings they have made on games of chance. They must therefore protect their customer account so that the amounts won on slot machines or blackjack are not taken against their will because of a stolen password or a password that is too easy to guess. .
The principle of the password manager is that of a safe installed directly on your device. The alternative is to rely on a cloud service where your password vault is hosted on a company’s servers (you should choose your solution carefully).
All the passwords you use on all the sites you frequent can be stored there. In addition, it is possible to store other information: bank card numbers, for example. But also information on your identity: the postal address, the telephone number, etc… Which will be practical on certain sites.
When creating your safe, all you have to do is set a “master” password that will allow you to unlock the safe, then it will load automatically fill in the password field on the sites you use. Within browsers, this requires the installation of an extension.
Some solutions also offer an evaluation of the strength of the password you choose, even if you can use the password generator integrated into the solution to
The other key feature of the password manager is its ability to securely share passwords between different devices. On mobile, this will require the installation of an application, while on computer, it goes through the solution’s website or the software installed locally. The advantage of using a synchronized solution is that if you save a password in your safe from your smartphone, the information will be immediately accessible from your computer, and vice versa. Of course, you have to use the same solution and the same account on all devices.
As you can see, using this type of software will make your life easier by increasing your security thanks to good password management!
The National Information Systems Security Agency (or ANSSI) strongly advises all Internet users to use password managers. This French service with national competence, created in July 2009 and attached to the General Secretariat for Defense and National Security, is in charge of protecting the information systems of the State, but it also intervenes to advise the administrations in companies in regarding computer security. It is also responsible for promoting the proper use of technologies among the general public.
When the ANSSI recommends the use of certain types of protection software, it should therefore be listened to carefully. She has just spoken about some password managers and has certified/audited a few of them. so here’s some recommended product names if you want to start protecting your data on the internet now:
- KeePass: this software is open source and certified by ANSSI;
- LockPass: here is a tool that is certainly paying, but published by a French company and which has a security visa from ANSSI;
- Bitwarden: it is available in the Cloud in a free and paid version, but it is also possible to self-host it on a NAS, for example – See the Bitwarden tutorial.
Can my password manager be hacked?
There is always a risk from the moment a cloud solution is used. However, keep in mind that the master password must be personal, robust and that you must memorize it: it is he who gives access to your safe, and potentially to all your identifiers. In a password manager, passwords are encrypted and protected by definition. The KeePass solution has the advantage of creating a safe in the form of a secure file (which should be backed up) so you are not dependent on any third-party company or online service.