With the sudden rise in popularity of Zoom came the platform’s fall from grace, as many cybersecurity experts were quick to point out the security flaws in one of teleworking’s most popular communication tools.
These flaws, paired with the world’s unrelenting desire to continue using a faulty piece of software, make password management systems as valuable as they’ve ever been.
What is a Password Manager?
A password manager generates, inputs, and stores authentication information (AKA passwords) for websites you visit and applications you use.
How does this tie into Zoom? We’re glad you asked.
Cyble, a cybersecurity firm, was able to purchase more than half a million Zoom credentials in bulk from the dark web. And it only cost them about $0.002 per account.
Now you might say “I don’t really care if anyone gets into my Zoom account… I don’t have anything on there.” Well fair enough, stubborn reader, but here’s the real danger you should consider: people are creatures of habit.
A 2019 study from Google indicates that more than half of those surveyed admitted to using the same password across multiple, but not all, accounts. Thirteen percent admitted to using the exact same password each and every time. Only 35 percent claimed they were doing the responsible thing by using different passwords across the board.
By our math, that means Cyble recently acquired a staggering 344,500 account credentials that may provide them with an exact match for access to other platforms.
And even if it’s not an exact match, automated scripts and dictionary-based password guessing could allow an attacker to test the stolen account information, with variations on the password, across multiple services in a matter of hours, if not minutes.
If you find yourself within the estimated 65 percent of those who tend to use the same password across multiple platforms, attackers now have access to more of your accounts and more of your information.
This is especially dangerous for email and bank accounts. Access to one account could allow hackers to chain this information to infiltrate other platforms, granting them the ability to reroute funds from your pockets and into theirs.
Think of it like this: Your cell phone has access to everything about you and you wouldn’t give a stranger your cell phone without wiping it first, right?
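To see how exposed you are to this kind of reuse, here is an added example (not from the original post or from any product named in it): a Python script that checks a password export for the two habits described above, the same password on several sites and passwords that differ only by case or by leading/trailing digits and symbols. The CSV columns (name, username, password), the sample rows and the function names are assumptions made for illustration.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample export; these are not real credentials.
# Assumed columns: name (site), username, password.
SAMPLE_EXPORT = """name,username,password
zoom.us,pat@example.com,Sunshine2019
mail.example,pat@example.com,Sunshine2019
bank.example,pat,sunshine2020!
shop.example,pat@example.com,Sunshine
forum.example,pat,kT9#vQ2m!xWz84Lp
"""


def base_form(password):
    """Reduce a password to its stem: lowercase it and strip leading and
    trailing digits, punctuation and underscores. Passwords that share a
    stem are simple variations of one another."""
    stem = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", password.lower())
    return stem or password  # all-digit/symbol passwords keep their own value


def audit_reuse(export_text):
    """Return site names grouped by exact reuse and by variant reuse.
    Only site names are reported, never the passwords themselves."""
    exact = defaultdict(set)    # password -> sites using it
    stems = defaultdict(dict)   # stem -> {site: password}
    for row in csv.DictReader(io.StringIO(export_text)):
        exact[row["password"]].add(row["name"])
        stems[base_form(row["password"])][row["name"]] = row["password"]
    return {
        # Identical password on more than one site.
        "exact": sorted(sorted(s) for s in exact.values() if len(s) > 1),
        # Two or more distinct passwords that collapse to the same stem.
        "variants": sorted(sorted(m) for m in stems.values()
                           if len(set(m.values())) > 1),
    }


if __name__ == "__main__":
    report = audit_reuse(SAMPLE_EXPORT)
    print("Exact reuse:", report["exact"])
    print("Variant reuse:", report["variants"])
```

Every site listed in either group should get its own randomly generated password; the one entry that does not appear in the report is the only one that was already unique.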
Why are Password Managers Safer?
They generate and store random passwords so that you never use the same password twice. Getting into those accounts remotely without access to the password manager vault could be tricky for you, but far from impossible.
They also encrypt your passwords, preventing even the service itself from having access to them.
Many of these services will offer the convenience of automatically filling username and password fields on websites and phone apps for you. You’ll also be able to copy and paste that information from the password manager yourself.
Credential sharing is also a thing with these services, allowing fellow users to receive account access without ever actually seeing the specific credentials.
As you might imagine, you will need to create a password for the password manager itself. This may seem like a weakness, considering it’s essentially a master key to all your other keys, but practicing strong password creation — SuchAsUsingAPassphrase — should eliminate all concerns.
Our Top Choices
LastPass: Our tried and true at Beacon Cloud Solutions, LastPass’s paid versions make it easy to create groups and design roles for specific users that will automatically share the necessary authentication information they need for specific applications.
LastPass highlights:
Free or paid
Multiple devices
Family plans that allow for individual users at a low annual cost
Encrypted storage
Multi-factor authentication
Compatible with Apple Touch/Face ID and Android fingerprint unlock
Automatic form-filling for quick user sign-ups
Encrypted Notes
1Password: This is probably the most user-friendly version for individual users. With a simple interface and application support across a multitude of platforms, this is a good choice for individuals and families.
1Password highlights:
Paid and Trial Version
Travel Mode: Removes sensitive data from your device while traveling then restores it
Multi-factor authentication
Compatible with Fingerprint Unlock and Face ID
Allows the user to temporarily share WiFi passwords, door lock codes, and alarm codes with guests
Bitwarden: This is a no-frills password manager. If you’re looking for an open-source option at a relatively low price, this is it. What it lacks in nice-to-have features, it makes up for in price.
Bitwarden highlights:
Only $10 a year
Family plan available
Account sharing
Works with most popular browsers and mobile operating systems
What About Browser Password Managers?
We could probably write up an entire blog post on why this isn’t a super great idea, but hopefully you’ll settle for a few short paragraphs. In short: Don’t settle for password managers built into your web browser.
Let us be clear: Browser password managers do the trick, but only to a certain extent. Browser password managers don’t offer you any control over the encryption. Many popular browsers also fail to offer a “master key” option, meaning that somebody will only need access to your device in order to access all of the accounts associated with that browser.
This can also be problematic if you use different browsers for different scenarios across different devices.
Go with the safer bet and pick a third-party option.