Problems with the keys? 😈 Today we all have innumerable passwords, whether multimedia platforms, multiple emails, applications, business pages, work... There comes a time when our head falls short to accommodate the multiple passwords that we handle on a daily basis.
That is when, to simplify, we begin to make security errors of the type: keeping the passwords on a piece of paper or a notebook, reminding everyone of the password on all pages, writing them down in Excel, or simply putting the same password for everything. These are common mistakes that expose us to possible security leaks. I confirm that a notebook is not the most secure place and that having all the same keys is not reliable.
If you are one of these types of people, I have something to ask you. Have you heard of password managers?In these times, perhaps one of these can simplify your life. But better, let's start at the beginning.
What is a key manager?
A key or password manager is an application that allows us to store the user, key, application or url to which said password belongs. All encrypted and protected with a master key.
This all sounds good right? Instead of having to remember multiple keys, we must remember a single key to access all the other keys. You may think that you can do the same with an Excel password, for example, but it has its nuances. Excel files can get corrupted, you can modify a line or column without realizing it, and it is also a very greedy type of file for someone unwanted to try to access them.
For this reason, key managers that generate a local file usually have their own extension. In addition, since it is software dedicated exclusively to this function, it is more difficult for us to accidentally delete or modify any data.
Of course, there are different password managers, both free and paid, and each of them offers us different services. For example, autocomplete username and password, availability for mobile or computer, cloud copy, recovery file, etc.
Even better, some of these managers are capable of consulting the Data thefts that happen all the time in a multitude of services and can alert us if our password has been compromised. In this an Excel... as it falls short.
To make things easier for you I've been testing some of these managers so you don't have to go crazy.
What key manager can I use?
There are multiple password managers, each one with its peculiarities, so in this article we are going to review the 3 most convenient ones that I have tried.
This manager is one of the most famous among the free ones. It is quite simple, it is an application that must be installed on the computer, be it Windows, Mac or Linux, which allows us to manage the keys by folders and categories. It does not have a recovery file and the file that saves the keys is saved locally, so you are responsible for not forgetting the master key and for making your backup copies. That is, free 😉.
It is an installable application on Windows, Mac and Linux compatible with the Chrome browser. This is one of the easiest to use. It has a free version, but I think for 3 EUR/month its premium version is worth considering. This premium version also includes 1 GB of encrypted file storage and the ability to share information with up to 30 other people.
It has options of two factor authentication and is compatible with most authenticator programs: Google Authenticator, Microsoft Authenticator, Toopher, Duo Security, Grid, and even their own proprietary LastPass solution. Fingerprints and smart cards are included with paid plans, while Salesforce Authenticator is only offered to enterprise customers.
My catch, in this case, is that LastPass is only available through browser extensions rather than a desktop app. If you're on Windows, Mac, or Linux, you'll need to download an extension, or the Universal Extension Installer, to use the service. You can also log in to the website directly or use the mobile app for iOS or Android.
LastPass does not generate a local file for you, it saves it in its cloud vault. Far from being a negative, this is a great advantage. We don't have to worry about local file backup and we can access it from multiple devices while maintaining data integrity.
This manager is very similar to the one mentioned above, LastPass. Nordpass's main strengths are that it has must-have password management features like autofill, unlimited password storage, credit card numbers and notes support, password generation, and cross-device password sharing. It also offers the option of two-factor authentication and is compatible with the usual authentication applications.
The main difference with LastPass is that it does offer a desktop application, in addition to extensions, access via the web or through an Android application.
It also saves the data in its own database making it accessible from any location and from multiple devices.
What is my favorite password manager?
In conclusion, due to the cost they have and the possibilities they offer, I opted for one of the last two, LastPass or Nordpass. Both are able to tell you if any password has been violated and give you recommendations on what to do in each case.
They are also able to verify if any of your email addresses have been compromised in a data breach. In my case, I opted for Nordpass, it was somewhat cheaper and the family plan seems interesting to me.
Are you willing to NOT try?
En Panel Sistemas we believe that cybersecurity is everyone's business. We are focused on promoting more secure software development, avoiding deploying applications with known vulnerabilities. Codename, DevSecOps.
However, we do not want to neglect promoting awareness about personal, pocket-sized cybersecurity, which accompanies us at all times. For this reason, we have shared this analysis with you and we encourage you to keep in touch with us.
You can consult our articles on cybersecurity at https://www.panel.es/ciberseguridad .