The Power of a Password Manager

Password Managers

All of us like to think that we are unique and that thinking extends to our passwords too, right? We are special and distinct, and no one could guess our specific combination of letters, numbers and symbols. Well, did you know that it is very easy for computers to very quickly determine passwords. So, using a password manager is a great move, as you can securely store your passwords in an easily retrievable way. But is your master password for your password manager secure, original and long enough?

Yes, your password may be difficult for another human to guess, but computers can run through the possible combinations in seconds. For example, Password Depot found that a password consisting of five characters (three lowercase letters and two numbers) can be hacked in only 0.03 seconds.

As you add extra characters, the amount of possible configurations increases which adds time a computer will take to guess the password.  A seven-character password (one capital letter, six lowercase letters) will take approximately nine minutes. At eight characters (four lowercase letters, two special characters, and two numbers) will take 2.6 days.

This is why experts agree on complex passwords (or passphrases) with many letters and numbers. But the problem is that they are so much more difficult to remember, and that’s why it’s a good idea to use a password manager.

Password Manager

A password manager offers high end encryption to protect all your passwords. You can store all your passwords in a password manager and when you want to log in online from your desktop or mobile device, it can prefill your username and password. Most password managers also notify you if passwords are weak or get compromised. They may also flag that you are using the same password across multiple services, which is a big no no.

Don’t Forget Your Main Password

Password managers are set up so that the provider cannot see your stored passwords (called zero knowledge). The password is encrypted before it reaches the manager’s server and cannot be deciphered.

This means you have to be careful not to forget your master password (ie the one you use to access the password manager). Without it, you may not be able to access your account.

It is essential to make your master password unique and that you do not use it anywhere else. The use of repeating passwords increases your risk of getting hacked. ie if one of your services is hacked, the bad guys could then try that same password on other sites.

The current best practice as far as passwords go is to use a passphrase along with a mix of alpha-numeric symbols. This gives you a length of between 15 and 30 characters. You can use a variety of uppercase and lowercase letters, numbers, and symbols. Some examples of passphrases include:

  • MyEuropeaNHolidayWasFab-2019()
  • i_luv_MY_dog_785#61
  • MyPartnerISDABest=10/10

If you make the passphrase mean something to you, it will be more memorable but  harder for hackers to crack. Also, remember to not use names or items that that you may reveal on social media.

How To Implement Password Security

Do you need help with implementing a password policy or with a password manager? Our tech experts are here to help, so contact us today.

2 thoughts on “The Power of a Password Manager

  1. Pingback: Changing Your Email Address? | DP Computing's Blog

  2. Pingback: MFA and Push Bombing | DP Computing's Blog

Comments are closed.