Password managers: pros and cons of their uses. Shutterstock photo
Year after year, “123456” is consecrated as the most used password in the world. Cases of cyber attacks like those that happened this year at Mercado Libre, with hundreds of thousands of interested users, they made us think of more than one online security practices. In this context, password managers They can be great allies.
It is worth clarifying from the start: they are not infallible, but they are a starting point for protecting sensitive information. The “Password manager” are programs that manage all our keys in one placeremember them for us and also suggest very complex combinations of characters that we don’t have to remember.
“Managers have a great advantage: they facilitate the task of ‘remembering’ passwords to one, which allows the possibility of using a different password, unique and also difficult to memorize, for each service we use and request it”, he explains to Clarione Ivan Barrera Gold, alias hackansoftware developer specializing in computer security.
The objection arises immediately: Is it nice to have all your eggs in one basket?
Insecure passwords: A more common problem than you think. Shutterstock photo
“Of course they can be considered a potential security problem: now all of our passwords are in one place and anyone with access to them could digitally impersonate us. Or, on the other hand, if we forget the password we use we could lose access to all our keys! And with it our digital identity ”, he explains.
Indeed, there is no categorical answer on whether to use them or not, especially if we take into account a maxim that says: the easier it is to use them, the less security we will probably have.
“On the one hand it is impossible to say that a software is inviolable without a defined framework: even if the database is impossible to open without the correct key, a software bug could allow access to data when opened by the user, for example. Or an implementation error or improper use of the encryption algorithm in wrong mode could allow the database to be opened even without its password “, explains the specialist.
“Information security is a very complex field and requires answers that rarely get to the point. Normally, instead of speaking in absolute terms, we prefer to use more precise terms: respects such or such security mechanisms, has protection against certain types of defined attacks, etc. Everything else usually is marketing“, he clarifies.
Based on your experience and knowledge, you should use them. “The advantage of being able to easily secure all the services we use with the convenience of having to remember a single password overcome the disadvantageshe thinks
“Sure, you should get the necessary safeguards and appropriate to the case: have backup copies of the data of our manager, so as not to lose access; use a unique and complex password to protect this data from being accessed by others; do not use it on other people’s computers ”, says the specialist.
Therefore, in this note, best password managers available in 2022, in its paid and free versions.
Tip for paid versions: Many services, if you start signing up for the paid version and stop halfway, then they offer a discount. Therefore, in many cases, you can pay less for the first annual subscription.
Remember Bear
Remember Bear
RememBear has a big advantage for those starting to use managers: its interface is very simple. Because it is “gamified”, it makes entry into the world of managers more accessible.
Among the cons may be that it is not accessible to import passwords we already use, nor does it have configuration functions on how it encrypts information.
However, for beginners it is a great option because in addition the system recovering the master key is very accessible.
LogMeOnce
LogMeOnce, one of the most customizable
Among the most customizable there is LogMeOncean application that has gained ground between last year and the current one.
With a free system (with advertising), it allows you to store an unlimited number of passwords.
Note: It has a lot of features that can get a little confusing, but with patience, it becomes intuitive.
caretaker
caretaker
Keeper is one of the most popular. Although its “military encryption” is a marketing move, it is as secure as any other. It also has some cool features.
A good browser plug-in that facilitates access, an optional option for securely backing up files and even testing our pre-existing passwords to see if they have been compromised.
Its free version barely allows you to use the simplest: the “vault” with all saved passwords, password generation (example: lnBPBKfsS7xYK10l $ uJ!) and some other functions.
In order to open the “vault” from any device you have to pay $ 39 per year (plus tax).
KeePassXC
KeePassXC
KeePassXC comes from free and cross-platform software. Like most, it allows you to auto-complete forms and export and import the database.
It also allows the use of various security mechanisms, such as password or token / physical key. “The data is duly protected at rest, that is, as long as the database is closed, through encryption and authentication, it is safe,” explains Hackan.
is 100% free.
Dashlan
Dashlan
Dashlane fulfills all the basic functions plus the ability to connect to vpnthat is a private network.
It has a check for compromised passwords not only in our services but also in the so-called “dark web”.
It costs $ 39 plus tax in its paid version.
1Password
1Password
It is one of the most intuitive: its interface is quite simple.
On the other hand, its browser extension is a bit mean and too it does not allow passwords to be “inherited” we were using, so you have to load everything from scratch.
1Password is compatible with a large number of browsers and operating systems
LastPass
LastPass
Like Dashlane, LastPass also checks for compromised passwords on the dark web.
It allows you to inherit passwords and, in any case, change them for a more secure one suggested by LastPass.
It is limited to one unpaid device.
So what’s the best password manager?
Password: a complex world. Photo: Shutterstock
The answer is not definitive and it is also very personal.
Hackan explains: “If I had to advise, I would probably advise readers to do so test with different managers and evaluate with your own means that worked best for you, perhaps using the following questions as a guide “:
- Do I have access to and control of my data alone?
- Does the application allow me to change, migrate or cancel the service?
- Is it easy to use and can I mostly understand what’s going on?
- Does it work on all my devices?
- Does it work or does it integrate easily with my browsers?
- Do you have various mechanisms to protect my information?
“It is likely that many services fail before these questions, but it does not necessarily imply that they are bad, as on the contrary they could be convenient. In general, all managers who are cloud services do not answer the first and second questions, but could act as a gateway for the use of managers ”, concludes the specialist.
Either way, with or without a password manager, it’s time to bury, once and for all, the “1 2 3 4 5 6”.
SL
John Brodersen
Source: Clarin