Password Managers

What is a Password manager?

Password managers offer a secure way to store all of your frequently used passwords in one place.  Usually, these passwords are stored in an encrypted database and locked behind a master password utilizing Muti-Factor Authentication

Use a Passphrase!

Passwords, especially complex passwords, can be difficult to remember.  When creating online passwords, there is often times specific criteria that is required to make your password acceptable. Typically requiring letter, numbers and special characters.  To fit this criteria, password generators are often utilized to produce 'secure' passwords such as 'PRAm8jl$iW'.  This password has 10 characters, letters, numbers and symbols, but can be very difficult to remember.  

This is why the practice of using a Passphrase can be very effective.  When you decide to use a Passphrase, you may choose a hobby such as traveling.  If you choose a phrase such as 'i like to travel' and then add in the required criteria 'I Like 2 Travel!', you have just gained 41 Million years of password security, with an easy to remember Passphrase.  Compare this to your 'secure' password 'PRAm8jl$iW' which only gains about 5 years worth of protection.  

Things to Consider

Does it have Multi-Factor Authentication?

Multi-Factor authentication (MFA/2FA) is a security practice that is based off of things you know (Passwords) and things you have (Phone, Fingerprint, FaceID, or ID Card).  MFA is a practice that uses two of these things in order to verify a login attempt.

Can I use the same password for multiple accounts?

No, when you use duplicate passwords for more than one account, if compromised, an attacker will have access to all of the accounts that use the same password.  

What is the difference from a password and a passphrase?

While a password is typically a short character set of mixed digits and letters, a passphrase offers the ability to have a long string of text with spaces.  The advantage of this is that a phrase is typically easier to remember than a password with random numbers and letters.  

Have I been involved in a breach?