In one of our previous articles on using strong authentication, we established that passwords need to be a long complex sequence of at least 10 characters. It can be difficult to memorize various complex passwords, and therefore one solution to this is for users to use a password manager that can randomly generate and store strong passwords for all of your online accounts.
How do they work?
There are three types of password managers.
1. Locally installed password managers
Locally installed password managers store your data on your device, whether using a computer or using a smartphone.
2. Online password managers
Online password managers store your passwords on a cloud, which is usually the provider’s server.
3. Token-based password managers
And finally, token-based password managers use a local piece of hardware, such as a flash USB device, which contains a key to unlock your password vault.
How do I setup a password manager?
1. Choose a password manager and sign up
There are a number of password manager solutions available and so the first step to setting up a password manager is choosing your password manager type and software. You will need to sign up and register information before you are prompted to create a strong master password that protects your vault.
2. Install the password manager applications
Once you have signed up with an account, download the password manager application whether they are a local, online or token-based solution. Be sure to install the password manager app to every device you use regularly.
3. Add your passwords to your password manager vault
Use the application to fill in all of your current strong passwords for your accounts and replace any weak ones. If there is a possibility you are using many weak passwords, it’s better to go through all your accounts and let your password manager generate a new, secure password.
4. Filling logins with your password manager
Once you have filled your application with your passwords, your password manager will work with your browser and other programs to autofill your strong passwords when you need to login. Depending on the software, as you type your login information you will be able to access your password manager extension or see a pop up that prompts autofill of your strong passwords.
To use password managers with caution, by regularly changing the master password and creating backups of the password vault;
To log out of your accounts when using a public computer (at the library, in a school computer lab, in an internet cafe, or even a shared computer at your office);
Avoid using public computers and public Wi-Fi to access sensitive accounts such as your emails, bank accounts and others.
There's no guarantee that these techniques will prevent an attacker from learning your password, but they will make it more difficult.