In the evolving world of technology, information security is a critical need. Since the very beginning, using passwords or passphrases have been a crucial method of securing data, whether it be for access to resources, or for verification of identity. Gone are the days of simple passwords and lack of encryption. For example, in 1990, a non-alphanumeric password of eight characters could be brute-force cracked in three months and six days (approximately) by a computer. In the current year (2020) with today’s processing power, that time is reduced to three hours and twenty-four minutes. As time progressed, so did password policies. Many resources now a day require passwords to be longer and more complex, and to be more secure, people are told not to repeat passwords. But, how does one remember various passwords for various accounts, while keeping them secure? Enter password management.
Password managers are tools used to safeguard passwords and other credentials used for accessing various resources. There are a wide variety of password managers out there, but they work on the same principle. Passwords for applications and other resources are either stored locally or on a server in an encrypted database, requiring a master password for access. One can further improve on security by setting up two-factor authentication, or token based access.
As with most services, many different password managers exist for the needs of different users. The popular password manager, Dashline is an example of a very simple to use and easily accessible piece of software for personal use. It has a free version as well as a premium version that comes with more benefits. In terms of an enterprise environment, a password manager like Keeper is a viable option, albeit at a different price point than one for personal use.
Keeper is a security-first password manager that relies on the central principle of “zero-knowledge”. Like most password managers, on installation there is a typical warning. If you forget your master password, the company cannot retrieve the information for you. This means even a subpoena can’t force the company to turn over your passwords and that a shady employee can’t weasel into your stored data. As such, Keeper does not update your passwords automatically, so all information is local and does not touch company servers. Other features it includes are a digital vault and password generator, that is especially useful to generate a strong password and then store it in the application.
A password manager is a very useful tool for all kinds of users, and should be something people look into for better security. There are many options out there, and doing your research helps narrow down the best software for your needs.