Today, it is almost impossible to keep track of all of the websites and systems we use in our daily lives, there are different passwords for online banking, social media, email, and Netflix and that is just for the personal accounts we keep. In addition, there are passwords for computers and other resources at work. Some solutions use one password across many systems, but some do not and then they require regular changes. How do we as Internet-connected populous keep up?
Well there are a few things that could help you keep a handle on things. You could use one password and only one password, but that opens up more than a host of security concerns – don’t do that. You could also keep a notebook (paper or digital) to store the relevant information for every single application or website or computer you have ever come to surf upon in your entire online existence, but that option also isn’t very maintainable long term.
Another option is a password manager, which is the focus of this post. Which one should you use? There have been other solutions discussed on the Petri IT Knowledgebase in previous posts, which call out locally stored options, and these are great as they help you maintain your sanity and keep your passwords safe, sound, and encrypted. In addition to these methods, there have emerged a few players in the cloud-based password management space and this post intends to look at the general features provided by a cloud-based solution and offer some insight as to why this might be a solid password management choice.
Online services typically allow you to manage your account from many devices, including your phone, tablet, laptop, and desktop computer, enabling you to access passwords wherever you may need them and ensures you are less likely to be without key information when you need it.
Although it may be possible to export your data from a local application to an encrypted file stored in Dropbox or pushed to your phone/tablet for use in a mobile version of the application, this seems like a lot of extra work. A cloud service that offers cross-platform capabilities will streamline this access. Another consideration, which may come as a bit of an inconvenience at first, is multi-factor authentication. This allows your login to the password manager to require verification using something you know, a password, and/or a text message from your phone or another device. This is useful in that it prevents your password from becoming a single point of failure. Although it may take some getting used to, two-factor authentication is a great way to further secure your passwords and sensitive data.
In many cases, there are free versions of online password management tools available in addition to a premium version of the same service for a reasonable fee. The premium service will offer additional features (e.g., more devices, password evaluation).
Many password management tools allow you to store more data than just passwords for websites. Doing this helps to keep all of a user’s secure data in one place and available from any device. These solutions can store important data that should not be stored just anywhere, such as software license information, driver license, and credit card information.
Sharing encrypted passwords, offered by some cloud services, is also easier and far more secure than just pasting the information in an email. Since email is not natively secure, the password information sent in email to a co-worker could potentially be captured in transit to the recipient. The online sharing method allows a link to be shared that allows the recipient to create an account and login to access the information. This way, the link is the only thing contained in an email and access requires an account (existing or new).
Cloud password managers may offer an evaluation of your stored passwords to check for duplicates and weak passwords that are being used to help keep your passwords secure.
Secure Password Generation is another reason you might want to use a password manager (online or offline). These features create passwords that are almost impossible to guess (and remember), which helps improve their security. Since the stored passwords can be copied and pasted or automatically filled in via browser extension or app, there is virtually no need to remember or write them down.
Storing your credit card information in a password vault that lives online may seem like a risky endeavor; however, online password managers are encrypted with no way to access your data. The ability to auto-fill your credit card information to make an online purchase is surely a convenience and can be a reality now that encrypted information storage is available. In addition, these vaults can also serve as a backup for this sensitive information, making it less of a hassle to replace if you should need to do so.
This list is not exhaustive, as there are many solution providers, both online and offline, helping all of us to better manage our online lives. In addition, keeping your banking password secured and different from the password used to play Candy Crush or surf Facebook is definitely a step in the right direction.