Password Management

Olieman eth q7h8 L Ve Ug FU unsplash

The login credentials of one of our customers were flagged as suspicious by our password vault because they appeared on a list of leaked login credentials. When we reported this to the customer, he indicated that he used this combination everywhere. Really! Yes, really. That gave us a bit of a shock... In the year 2022, that's no longer acceptable. But fortunately there are very good solutions.

You really run a big risk

Suppose you find your LinkedIn username and password so easy to remember that you use this combination for other sites as well. Pretty convenient, right? You use it for your social media, for Nu.nl, but also for all kinds of websites where it is possible to make purchases, which you may even be able to pay for afterwards.

And then there's a data breach at LinkedIn. That means that third parties have been able to get at LinkedIn's combinations of usernames and passwords. Those combinations are worth good money and are then traded. You get an email from LinkedIn that there has been a data breach and that you need to reset your password. No problem, fixed in no time.

But ... do you remember what you all used this combination for as well? Do you remember to renew your password at all these sites (and for some people there are dozens)? Usually not. For example, orders can be placed in webshops in your name, which are not going to be delivered to your home, but whose bill is going to show up in your inbox. And that's a scenario no one wants.

So always make sure you use a unique, difficult password for each login. "Yeah, I can hardly start memorizing hundreds of logins, can I?" I hear you say. No, fortunately you don't have to. You only need to remember one: that of your password vault.

What is a password safe?

A password vault is software that allows you to centrally manage all your login data. So you only need to remember one password, with that you get into the vault containing all your login data from the websites and software of your choice.

Cybersecurity specialists agree that password vaults are the safest way to protect your passwords.

These are good examples of well-known password safes:

Logo lastpass
Logo 1password
Logo nordpass
Logo dashlane

How do password safes secure your data and what makes them so secure?

Password safes secure your login data in several ways, which is why they are so secure to use. They use the AES 256-bit industry standard that is also used by the military to encrypt data. Cracking this is nearly impossible.
Password safes also protect your data from itself by using zero-knowledge architecture. This means that your passwords are encrypted before they leave your device.

To enter the system, you create a master password. With this, you can rest assured that all your other data is safe. To further secure your password vault, you can also use two-factor authentication (2FA). You then have an app on your phone that displays a new 6-digit code every few seconds. This must be entered in addition to your login name and password and is linked to your mobile phone. This way, other people cannot surreptitiously misuse your login data, because they always need that code from your mobile as well.

Sounds all very good? It gets even better! Because a password vault actively provides notifications about outdated, overused or weak passwords. And, what prompted this blog post: they know which login credentials have been leaked and thus need to be replaced as soon as possible and alert you about it. A very safe idea.

Are there any risks to using password safes?

Life is full of risks, especially online. How do you minimize them as much as possible?

Check if your password vault keeps its data in the cloud and if not: make sure your data is backed up. After all, everything is now in your vault and you don't want to lose that data.

The most important tip, though, is not to use a free password safe. Yes, free software is always interesting, but to entrust all your passwords to an untrustworthy party is really not a good idea. These free password management systems are often baby carriage, developed by shady companies and sometimes even contain malware. Cheap really is expensive in this case.

Pexels pixabay 60504 1

Should you use password management?

The answer to this is short: yes, you should use password management. This allows you to keep track of your passwords without remembering them. Some password safes can also generate and change very secure passwords for you with one click, as well as securely store other types of data such as credit card information. A password safe also makes sharing your data with family and friends more secure. It's a much better way than writing down your login information in an e-mail or a note on your phone.

Of course, you have to trust the company behind your password safe. However, most have impeccable reputations. They are also far less risky than some dubious app or browser add-on that people install without much thought.

Yes, they have their flaws and vulnerabilities. But in the end, it's not just the password safe that protects your most valuable information. You should also use a reliable antivirus program to prevent malware from infecting your device. Keeping your software up-to-date is no less important, as is double-checking the apps and extensions you are about to install.

Investing in your digital security may not have been immediately on your priority list. Now, hopefully, it is.