Beginner's Guide: Everything about the password manager


Ο Password manager or in Greek, a password manager stores all the passwords on it and fills them in automatically when they are required by a program or service.

In this article we will analyze what is Password manager, how many types are there, if you can trust them, what capabilities they should have, what other alternatives you have, what suits you personally. But first of all, let's see what capabilities you have in managing your passwords.

Memorizing passwords is a headache. Because the use of electronic devices is now widespread, the novice user has to manage at least 20 passwords. For example, he must remember passwords for 2 emails, 2 for banks, 3 for facebook - twitter - instagram, 1 for Windows, 1 for the router, 3-4 for WiFi, 2 for his mobile, etc.

The most advanced might be 50, at most 100. A power user fights with 100-300 codes and an IT can easily grab 1000. Our current article refers to beginner users, and perhaps even advanced ones. Everyone else knows what to do and the analyzes that are going to have nothing to do with you.

For all of these passwords, the user should be able to retrieve them easily, quickly and safely (remember this triptych). How? Let's go see

Ways to store passwords - Alternatives
A. Use of simple codes
The solution is very simple. You can use the code 123456 everywhere. Okay, we know you're laughing. But do not think that the code "p @ ssw0rd" or "panatha13" is better than "123456". Even the variants of a slightly stronger code, such as "d1m1tris1970" or "diMitRiSI97O" do you think are better than 123456?

With modern machines and huge databases of codes of all kinds, the above codes are the least ridiculous. It's like they don't exist. But they have a good one. If your storage media gets corrupted you will be able to guess them !!!.

Let's rate the A solution from 0 to 10 (with excellent 10). Convenience = 10, Speed ​​= 10, Security = 0.

B. Local file storage
The old classic teapot !!!. OK it might not be a notebook, but it is a txt file made with the Windows Notebook. We do not exclude, however, that 60 + year users have an A4 glue next to their computer with all their passwords marked.

As a solution it is good, as long as you have made sure your passwords are difficult to detect, such as "@ D1mi7r15 !! Ol @ _Ta_l3ftA", and have made sure to do backup of them on a separate disk. In fact, if you give an irrelevant name to the txt file, eg "Mauro-provato.txt" and put it under an irrelevant folder, eg "c: \ dimitris \ logotexnia", it is very difficult for anyone to gain access to your computer, to guess what this file might be hiding.

Even if they do hack with a malicious program, it will look for specific places for passwords and specific programs, such as if you have one installed. Password manager etc.

You can even encrypt it. And the same but also backup his. Each time you want a password you have to open it and copy-paste the password you want.

If we were trying to rate the B solution then this would take: Convenience = 4, Speed ​​= 8, Security = 10.

C. Local Password manager
Download and install a program Password manager, preferably open source, and put all your passwords there. This whenever you want to use a password to log in Password manager will undertake to deliver him without any delay.

Microsoft

The codes become very difficult, level "3 # @ fd454) 23dADFF% ^ & TRfgh! G2" and can take as long as you want. For convenience, these programs also offer you a code generator, so you do not have to sit and type.

But you will have a "small" problem if you want to use these codes on your smartphone or your second computer or generally on another separate computer. You just will not remember the passwords.

Also, on your host computer, all the passwords are encrypted. However, you have entrusted your passwords to a third-party program that is targeted by hackers, among others.

Especially if you enjoy browsing through porn sites, clicking on emails that promise you free coupons in the super market, or downloading movies from the dark web, then go crazy and steal them.

Rate: Ease = 7, Speed ​​= 10, Security = 8

D. Password manager in the cloud
Same solution as C only if the codes are stored in the cloud. If you do not understand the term cloud, we say that they are stored on a server, away from you, possibly outside your country.

This way you gain the ability to log in from any device, retrieve and use your passwords even if you are on Lobster holiday. Communication with the cloud is usually well encrypted end-to-end and you have nothing to fear about it.

On the other hand, it can be the manufacturer Password manager to be violated (yes, it is done) and expose millions of codes to rogue criminals.

Rate: Ease = 10, Speed ​​= 10, Security = 7

 

What is Password manager
Password managers are applications that store your passwords in a secure vault, which can be unlocked with a unique master password and, optionally, with an additional two-factor authentication method for added security.

Password managers let you use strong, unique passwords everywhere. This is usually not possible for most people. No one can remember passwords of the type Ew ^ ei3-uaF $ 7TaW.vuJ_w !!, while password managers can create and remember such passwords.

They can communicate with other programs, usually browsers, and retrieve existing codes from them. They warn you if a password is common in two places and urge you to change a password after some time.

They are backed up, they can sort your passwords, interact with browsers and thus ensure that they automatically fill in the fields of your passwords at every request, and then save your passwords with encryption.

 

How many species Password managers exist
There are basically two types. Those that store your passwords locally on your device and do not require an offline connection and those that store them in the cloud online.

The offline Password managers only care about the computer they are installed on. They have no communication with the rest of your machines, you can not automatically have your codes on your mobile phone and since they are extremely powerful their form is difficult to understand, and long.

Offline you should always have a backup, because if your disk crashes or your laptop is stolen, you will be unable to recover it.

Online are easy to manage, they do exactly the same things as offline, but in addition they can be accessed from all over the world and from any machine you want. You do not need to have one backup because they usually hold, although it would be good to always have one. Potassium donkeys rather than donkeys are said in our village.

You are actually already using an online Password manager and you do not know. Those of you who have installed it Chrome, you have saved at least one password to it and logged in to Google through Chrome, then your password has been uploaded to the cloud Google and is accessible from any machine, as long as you go here: https://passwords.google.com and log in to your account to see them.

 

Can you trust them?
Because you are sharing your life with others, you will need to show some trust in password management companies. Sure, companies promise to keep your passwords secure, but there is always the possibility of being hacked and stealing your passwords (it has happened). Companies still take great care for their safety, but what if they prove bad?

Surely there is a danger. You need to trust your password manager like any other application you use. The same is true of any application on your computer or in most extensions of your browser. They could spy on you, and steal your passwords, credit card numbers and a whole host of other things.

By using trusted applications, you also use trusted password management companies. It's probably more dangerous to install random extensions on your browser, many of which gain full access to what's happening in your browser or not use at all and work with 123456.

 

What opportunities should they have?
There are many interesting features in all these programs, which make them stand out from each other in terms of both convenience and security. But clearly you can assume that one Password manager should run some minimum features.

Pretty much we have mentioned the necessary attributes of a code manager to make it good. But in sum we will say:

  • Be well known in the market and continuous updates and with a good track record
  • Be able to receive existing codes from them browser and be compatible with the ones you use
  • To be able to do backup in various forms
  • Have two factor authentication of the master code
  • Have a code generator, check for the uniqueness of the stored codes
  • Be able to tell you how strong your passwords are.
  • Encrypt your passwords at least with AES-256
  • It can automatically shut down after a while and not stay open if you forget it
  • Be able to accept passwords from others Password managers

 

What fits you?
And we got to the key question. Too much information, too much science, you're confused and you can't decide what you really need.

The answer will come with the layout method if you ask the right question: What are your needs? If we get a few instances of users you are probably in and let's see what their needs are and what they should do.

Case One: Beginner user, casual on the internet, with 20 codes.


You are a user with minimal passwords that are usually on Facebook, Twitter, bank, 1-2 forums, 2-3 online stores and an email. Think if someone malicious accesses one of them or even all of them there will be a problem; If someone violates your Facebook and while you are an Olympian, he will write with your name "^% #% * the legend and Piraeus"?

So what? You will ask for a Facebook password change, you will prove to be yourself, and once you have access to your profile you will delete its messages and laugh with your friends throughout this story.

Did you steal your bank password? Okay, until you get the hang of it and alert the bank by phone, the villains will come in, see how much money you have, what transactions you have made, but they will not be able to make any transactions. All banks (with the exception of paypal) have incorporated two methods certification for all transactions. In order to make a transaction, thieves must have either your cellphone unlocked or the co-ordinated random code generator (a small coin-like machine) at the same time.

Only transactions with the Treasury can do without the requirement of a second code (and not in all banks) and pay your tax bills most of all.

In fact you do not need the best security in the world. As you increase your security, your convenience and speed will decrease, and you will probably end up living your electronic life unnecessarily. It will be like trying to kill a mosquito with a cannon.

The solution of an online Password manager with the features mentioned above, fits your case. It is much better to invest in convenience and speed, especially now that all things online are new to you. And of course stop using the code 123456.

 

Case B: Advanced 50 code user
You are the user with some years of internet experience. You have 2-3 email codes for various sites, you might have a Facebook account with 2000 friends, or even manage a blog.

First of all, think about whether you are a target. If you believe you are or can be targeted, then invest in security. If you believe that "Slowly do not sit down to deal with me", then see your convenience.

We're not discussing whether you're compulsive and you think the end of the world will come if you violate your Gmail account or see your Facebook photos that aren't public. There, nothing is done, and in order for you to at least sleep peacefully, choose the safest one.

In a normal user psychological state, this user should be wondering which codes have some monetary value, emotional value or liability to third parties. For example, a Facebook Friends 2000 account can be profitable, your friend managing your blog may be misunderstood and you may not justify a violation of your own, a cloud with your childrens photos may not be yours provides backup if violated.

In this case of user, prefer a mixed solution, such as an online one Password manager for those codes you are not interested in and a txt file for the 5-6 important codes. But make sure you give them strong and big names that you can remember. An example of such a code is "ArnAki-A5pro-kAi-pAxi !!".

C Case: Power Users
In fact, these users know well what they need. They have a sense of what they hold in their hands and how they should manage it. This article is not for them, but we would like to share some of our old articles that may be of concern to you.

Password manager locally or in the cloud;
Password managers vulnerabilities can be exploited by hackers
Are you secure with password managers on Android?
Password Managers - Crash Test: The Most Popular Tools on the Market!

 

Application suggestions
We don't want to advertise a product, especially if it's paid. we will only talk about free and open source programs that we think are worth a look.

So look at programs like KeepassThe KeepassXThe TeamPass.

Especially for Keepass we have mentioned enough and in our earlier articles.

Welcome to the wonderful world of internet.


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news