DATA DOCTORS

Addressing common concerns about password managers

Apr 10, 2021, 5:00 AM

(Unsplash Photo)...

(Unsplash Photo)

(Unsplash Photo)

Q: If someone “acquires” the master password for my password manager program, then they have access to all my accounts. How’s this different than a single password for all accounts?

A: This is a common and legitimate question that often keeps nontechnical users from incorporating a password manager, but it’s important to understand that cybersecurity is never about achieving 100% security as it’s just not possible.

The real focus needs be on evaluating the degrees of security based on a number of variables and whether you are in control of them or not.

Using the same password on all your accounts means that if any one of those accounts is breached, they are all at risk because the standard operating procedure for cyber-thieves is to try the same password on thousands of other sites.

You are also only as secure as the least secure site that uses the same password.

Who’s in control?

Protecting the personal information that you provide to any company is totally out of your control.

The fundamental security enhancement of using a different password for every account should be fairly obvious to everyone, but not possible without some form of password management.

Protecting how you manage your passwords is one of the most important things to focus on, which goes to your question.

If you were to write down all your passwords and keep them in a very secure place, that would be preferential to using the same password on every account.

The key is to not make it obvious that the information is a bunch of passwords in the event someone else finds it.

Password manager security

When you incorporate a password manager, you only have to create, remember and protect one password.

It’s important to use a very long and complex password that you have never used before for the best chances of keeping it secure.

Most password management programs provide lots of additional layers of protection that you can setup that include two-factor authentication and rules that deny access based on location, device or IP address.

When you add these additional layers of protection, even if an unauthorized person acquires your master password, they won’t be able to use it because they won’t have the necessary additional items to be fully authenticated.

You’ll also get a warning of a failed or blocked sign-in attempt, which lets you know to change your master password to be safe.

What if they get hacked?

Another common question about password management services is, “what happens if they suffer a breach?”

Your passwords on all of the services are stored using powerful encryption, which means any breach of the encrypted data would require the hacker to spend time attempting to decrypt the information.

The service would automatically require you to reset your passwords, which would render the stolen information useless by the time it was decrypted.

Suggested programs

For many years, I’ve recommended LastPass because it offered lots of features in the free version of the program, but if you want to use it on both a computer and smartphone, it’s no longer free.

Another fee-based service that has lots of great features is 1Password.

Both services offer individual or family-based plans that range from $3 to $5 a month.

Data Doctors

(Pexels Photo)...

Ken Colburn, Data Doctors

Here’s why you should use Gmail’s unsubscribe tool

Many 3rd party tools offer to help, but in virtually every case, it requires giving up some privacy, so using Gmail’s built-in option is my current preference.

7 days ago

(Pexels Photo)...

Ken Colburn, Data Doctors

Here are your options for resetting your forgotten passwords

If a forgotten password is easily reset, it’s not much of a security barrier, which is why resetting can get complicated.

14 days ago

Several plugs are seen attached to a power strip surge protector....

Data Doctors

Here’s what you need to know before buying a power strip to protect multiple devices

If you are looking for a power strip to protect a large number of devices, here's what you need to know before buying one.

21 days ago

Find something you downloaded: Steps for Android, iOS...

Ken Colburn, Data Doctors

Arizonans: Can’t find something you downloaded to your smartphone a while ago? Try this

Want to find something you downloaded to your smartphone? Files can be easy to use. Follow these steps for Androids and iOS.

28 days ago

Moving your Cox email to Yahoo Mail? Learn about the transition process, from webmail access to ema...

Data Doctors

Data doctors: Beware of Cox to Yahoo email transition scams

Moving your Cox email to Yahoo Mail? Learn about the transition process, from webmail access to email client settings.

1 month ago

How to sync smartphones to Windows computers: Arizona tips...

Data Doctors

Tech tip for Arizonans: How to sync smartphones to Windows computers

Want to learn how to sync smartphones to Windows computers? This article from the Data Doctors explains which steps to take.

1 month ago

Sponsored Articles

...

Day & Night Air Conditioning, Heating and Plumbing

Beat the heat, ensure your AC unit is summer-ready

With temperatures starting to rise across the Valley, now is a great time to be sure your AC unit is ready to withstand the sweltering summer heat.

...

Condor Airlines

Condor Airlines can get you smoothly from Phoenix to Frankfurt on new A330-900neo airplane

Adventure Awaits! And there's no better way to experience the vacation of your dreams than traveling with Condor Airlines.

...

Midwestern University

Midwestern University Clinics: transforming health care in the valley

Midwestern University, long a fixture of comprehensive health care education in the West Valley, is also a recognized leader in community health care.

Addressing common concerns about password managers