Most people are quite skeptical when it comes to having a password manager. They ask how it can be safe to have all your passwords saved, often thinking “Isn’t this going directly against what we are taught, to not write down our passwords?”
With so many passwords to remember, people often write them down in insecure locations – saved to notes in their phones, saved in their web browser, or even kept on a sticky note under their keyboard! People normally opt for passwords that are easy to type quickly, making them susceptible to being hacked. The biggest difference between storing your passwords in plain text vs. in a password manager is encryption.
So how do password managers work? And how does it keep your accounts and passwords secure?
Password Managers generally work using Military Grade Encryption. Password manager services such as ‘LastPass’ work using a “Master Password” which is used to access all of the saved passwords within your “vault”. What that ultimately means is that all passwords in your vault will be stored in an encrypted format which is highly protected such as “3eJZd52IF+troD/8k/FuyE=”. Now even though this string of random letters and numbers isn’t easy for a human brain to remember, luckily our password manager can!
The data you keep in the LastPass vault is kept secure and can’t be seen by LastPass. Your passwords will be safe and secure on your device (laptop, computer or mobile device) and only you can use them since only you have your master password. Of course, this isn’t foolproof; if someone gains access to your master password, then they can access your passwords in your vault. However, we can significantly decrease the likelihood of this happening by enabling two-factor authentication. This means that you’ll have to take two actions to login. For example, when you’re logging in with your master password, you will be sent a code to either an e-mail, phone or an application on your phone.
Even if you choose not to use a password manager, enable two-factor authentication where you can, as this can assist with preventing 99.9% of attacks on your accounts.