Encryption
Storing or transmitting passwords in an unencrypted format is incredibly risky. It is not advisable to use a password manager that doesn't use strong encryption.Local vs Cloud
Password managers may store your passwords on your local device or on your cloud account. The benefit of cloud is the ability to use the manager from multiple devices.Integrated vs Standalone
Password managers may be integrated with tools such as web browsers that allow for convenient features such as form filling.Password Generation
Tools may offer to generate passwords. Password generation requires sophisticated algorithms that can generate sufficiently random data. Some tools implement relatively naive password generation that isn't particularly secure. For example, the tool's random numbers may be somewhat predictable.Multi-Factor Authentication
Tools that require two or more pieces of authentication before giving you access to your passwords. For example, a tool might require a smart card and a master password before providing access to passwords. This is generally considered more secure than requiring a master password alone.| Overview: Password Manager | ||
Type | Information SecurityDefensive Computing | |
Definition | A tool for securing and accessing passwords. | |
Value | Encourages users to use strong passwords and avoid reusing the same password on multiple sites. | |
Risks | Represents a single point of failure whereby all your passwords could be compromised if the tool has a security flaw. | |
Related Concepts | Information SecurityDefensive ComputingStrong PasswordPassword Paradox | |
