Selecting a Password Manager

Tutorials
Written By Rachel Yang
unsplash-image-zEFyM4sulJ8.jpg

I’ve had a few questions recently about the use of password managers. Are they safe to use? Which one should you sign up for?

There are many services out there that help you create and remember strong passwords, but there are a few key features to look for when making a choice.

First, what is a password manager? A password manager is a service that remembers your passwords for you. It also suggests strong passwords for you when creating a new account. A password manager comes in the form of a browser plug-in and requires registering for an account.

Once you start managing passwords from the manager, you can probably rest assured that they will be safe. Because you are using the password manager as a vault for all of your passwords, the password for the vault had better be a good one. Use two factor authentication where available and use every method of complexity that is required.

Password managers can also act as your wallet, storing credit/debit card and banking information, addresses and other personal information and provide autofill for quickly getting through online forms. You can easily import lists of passwords from other services, or upload your own .csv file if you have been managing offline. Most also provide reporting on both the strength of your passwords, and the possibility of an account being involved in a security breach.

A few things to look for when selecting a password manager:

Is two-factor authentication available? Any self-respecting password manager will have 2FA, but it pays to double check. If you already use a 2FA app such as Duo, you might want to check for compatibility.

Is the data encrypted? Again, this is a standard, but double check that the service explicitly says it. End-to-end or Zero Knowledge Policy are phrases to look for. Zero knowledge means that the service does not store any of your data. They are blind to your details, so if they are hacked, your data will be less vulnerable.

Is backing up data an option? If the passwords are stored locally, on your computer, which they often are, you’ll want to back up your passwords and any other stored data. Just as you do everything else, right? And you’ll keep that back up offline in a secure place, right? :-)

Are alerts and reports available? A good service will offer alerts when there is a potential problem and periodic reports to let you know of any weaknesses in your passwords and if anything needs updating.

Is there an import/export function? Obviously, you’ll want an easy way to get all your passwords loaded.

Does the service suggest strong passwords? Since the password manager is storing all your passwords for you, this relieves you from having to remember long complicated passwords. But you’ll want to make sure the service offers strong passwords for you that meet length and complexity requirements. This is also where the secure notes feature can come in handy for the times you are logging in to a computer that’s not your own.

Is sharing possible? A nice feature many services offer is secure sharing with family members or colleagues/employees.

Here are the services I looked at and their features. All of them offer 2-factor authentication, encryption, mobile app and browser extensions, reporting and alerts, sharing, desktop or work offline feature.

1Password - Appears to be very family friendly if you are looking for a way to share passwords across devices and homes. Also manages memberships and offers secure notes. There is a fee for this one.

Dashlane - Offers a free option for one device at a time. Additional features include wallet for managing credit/debit cards, receipts and health records.

LastPass - Has a free version and offers extras such as autofill and a wallet feature.

NordPass - Has a free version for one device at a time. Offers many extras such as autofill, OCR (Optical Character Recognition) scanning for searching stored documents, and biometric authentication.

Sticky Password - Offers a fairly robust free option. Extras include secure notes, wallet, USB portable version, and autofill.

Zoho Vault - Has a robust list of features with the free version. Extras include autofill and wallet management. This service is good for enterprise use - fee-based features include access management, team sharing, and user activity reports.

All services that I looked at offer a free version, or at least a free trial, with added features for a fee. I suggest you try one out first before handing over any money, and see how many of the features you really use. If you just need the basics, free versions definitely provide robust enough services.

Rachel Yang

Web designer, user experience professional, just to start…

http://www.atlenas.com
Previous

Summer Reading List 2020
Next

Strengthen Your Responses to Security Questions