In today's digital age, we use a multitude of digital products and services, one thing common across them is how we identify ourselves in the digital world. Username and password was the de facto standard to prove identity, with the growth of the digital landscape, newer and sophisticated techniques are catching up. While Single Sign On (SSO) and Biometrics such as fingerprint and facial recognition are creating a frictionless entry in the digital world, the legacy is slow to catch up. One of the most important steps you can take to enhance security of your online identity is to use a password manager.
Password managers work behind the scene as browser plugins or background apps that store and manage passwords for you. They allow you to generate and store unique, complex passwords for each of your accounts, so you don't have to remember them all yourself. This not only makes it easier to manage your passwords, but also makes it several folds difficult for malicious actors to guess / brute force the password.
According to Forbes , a person remembers on average six passwords. While we access more than 100+ services, these six passwords or derivatives of these passwords create concentration risk. Compromise of a single password by one of the digital services can result in our identity being compromised in 15% of services we use. In order to remember passwords, we use names of loved ones or birthdays to make it personal and unique. If we analyze the most common passwords used it is evident that the majority rely on the keyboard layout to randomize the password, this hasn’t helped.
Another advantage of using a password manager is it helps us follow best practices around how often we change them. Many websites and applications require you to change your password every 90 days or so, which can be frustrating and resulting in account lock-outs. Most of them end up incrementing the last number in password or make minor changes to existing password. With a password manager, you can offload the thinking, this not only saves you time and hassle, but it also ensures that your passwords are unique, consistently strong and secure.
Another factor to consider when it comes to password security is the length of your passwords. As computing power continues to increase, shorter passwords become easier to crack through brute force attacks. In a recent study , 8-character passwords can be cracked in 39 minutes, yes even if it uses a combination of letters, numbers and symbols. This means that passwords with fewer than eight characters are no longer secure enough to protect your accounts. With a password manager, you can generate and store long, complex passwords that are much more difficult to crack.
Password managers also operate across multiple devices, ensuring both convenience and added security while having to use them in public. Some password managers also handle account sharing within families and multiple devices used by a family.
One potential concern with password managers is that they themselves can be vulnerable to hacking. In recent years, there have been several high-profile password manager breaches. However, these breaches are relatively rare, and most password managers have taken steps to enhance their security. Additionally, enabling 2FA can help to reduce the risk of a password manager breach.
In conclusion, as someone who values online security, I highly recommend using a password manager to improve your password hygiene. While digital services catch up on password-less alternatives such as biometrics, QR codes, SSO and One Time Passwords, using a password manager significantly reduces the risk of a password compromise.