Why you need a Password Manager right now
The majority of cyber attacks exploit the human element that is often baked into technology, which is why security is often one of the greatest concerns of any development team. Unfortunately, one of the most popular entry points for criminals is your password. If you come up with your own passwords, chances are that they are moderately secure at best and at worst are an open door for cyber criminals. You may want to change them all right now, especially if you are reusing some of them.
Usually, sites that require login credentials save your password using a hashing algorithm, which transforms your password into a seemingly random assortment of characters referred to as a hash. The hash that results from your password is saved to a database and used to authenticate your credentials the next time you log in. The hash is a security feature that ensures that, in the case of a data breach, attackers do not have access to your password in plain text.
Data breaches do occur and often databases containing hashes are leaked to the dark web where sophisticated networks of hackers acquire access to them.
Now, hashing works well as long as the password that was hashed was good enough not to be guessed via social engineering or a good old brute force attack. A brute force attack involves hackers systematically guessing your password until they crack it. It is a trial and error method that requires a substantial amount of computing power.
With a vast cache of passwords in their possession, hackers can devote time and resources - two things they often don't lack - to cracking passwords. There are several mistakes one can make when conceiving a password. The first is using a short password. Any password shorter than 8 characters can easily be brute forced and this is especially true if said password is a common English word or variation of one. A second mistake is using any variation of the word "Password." Another mistake is using the same password for more than one site. The list of mistakes is endless and the point here is that most of us are not very good at generating secure passwords.
A good password has several characteristics:
- It is longer than 8 characters.
- It has a healthy variety of characters: lower and upper case letters and symbols.
- It's not an English word or variation of one. In fact, the best password should not be a word at all.
Armed with this information, one can create most of their passwords without any danger. However, a good password will most likely be difficult to remember, let alone ten of them!
How can an ordinary user of the internet make sure that their password isn't vulnerable? The answer is simple: by using a reputable password manager. Password managers work by creating secure passwords for you, hashing them and then storing them in a database for easy access by you on your browser or application.
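The password characteristics and mistakes described above, and the generation step a password manager performs, shown as an added example that is not part of the original article. The function names, the character-substitution table, the inclusion of digits in the alphabet and the sample vault are assumptions made for illustration.

```python
import secrets
import string

# Letters, digits and symbols. Digits are an addition; the article names only
# lower case, upper case and symbols.
ALPHABET = string.ascii_letters + string.digits + string.punctuation
# Undo common character swaps so "P@ssw0rd" is recognised as "password".
LEET = str.maketrans("@4301!$5", "aaeoiiss")


def has_variety(pw):
    """True when lower case, upper case and symbol characters are all present."""
    return (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
            and any(not c.isalnum() for c in pw))


def generate(length=20):
    """Random non-word password drawn from the operating system's CSPRNG."""
    if length <= 8:
        raise ValueError("a good password is longer than 8 characters")
    while True:  # redraw until every required character class appears
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if has_variety(candidate):
            return candidate


def audit(vault):
    """Map each site to the mistakes from the article found in its password."""
    sites_by_password = {}
    for site, pw in vault.items():
        sites_by_password.setdefault(pw, []).append(site)
    findings = {}
    for site, pw in vault.items():
        issues = []
        if len(pw) <= 8:
            issues.append("not longer than 8 characters")
        if "password" in pw.lower().translate(LEET):
            issues.append('variation of "password"')
        if not has_variety(pw):
            issues.append("lacks upper/lower/symbol variety")
        if len(sites_by_password[pw]) > 1:
            issues.append("reused on another site")
        findings[site] = issues
    return findings


# Constructed sample data, not real credentials.
SAMPLE_VAULT = {"mail.example": "P@ssw0rd", "shop.example": "sunshine",
                "bank.example": "sunshine"}
```

Running `audit(SAMPLE_VAULT)` flags every entry, while a password from `generate()` passes all four checks.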
The user does not need to remember any of the generated passwords, and most password managers seamlessly integrate into your web browser and fill in credentials on your behalf. There is a caveat though: password managers require a master password, which grants the user access to their password vault/database.
It can be argued that one drawback to using password managers is the risk of exposing one's entire password collection through one master password. This danger can, however, be minimized by having a good master password, and the advantages provided by password managers far outweigh this one disadvantage.
Some password managers require paid subscriptions while others are open-source projects and thus free. Some save your passwords on the cloud while others save them to your device's hard drive.
The choice of which password manager to use can quickly become a complex mess, but it is wise to bear in mind that the rule of thumb is always that the more reputable a password manager is, the less likely you are to encounter challenges down the road.
