What is a password manager?

Passwords are everywhere. Your bank wants one. Your social media networks want another one. Your online shopping site wants one too.

It can be tempting to create a single password out of an easily remembered dictionary word and use it across all of your services. However, it’s a monumentally bad idea.

Why? Because it’s utter child’s play for hackers who want access to your accounts, information and money to get into your account if you use a common word as your password. That’s why so many services insist that you create a password with at least one number and special symbol in them.

However, even relying on that combination and re-using the same password isn’t terribly secure. If one service leaks out that email and password combination, the bad guys would still have access to your accounts. Just as it makes sense to have a different key for your front door or your workplace door, it makes sense to have individual passwords for every service.

If a single password for that service leaks – which may be beyond your control – then it’s only that service that you need to worry about. Which is fine in theory, until you realise that this means remembering the passcode “eYzn3b*7Rm4” for your banking, and then “Ff0oNb#3-5” for your social media. Who has the brain space for that?

Before you ask, no, those aren’t my passwords for any service at all. Indeed, I didn’t even create them myself, because I use a password manager for that kind of function.

A password manager is an application designed to safely store, manage and generate passwords. They help you to automatically login to all your accounts and protect your passwords behind a single master password.

MORE: HOW SECURE ARE YOUR PASSWORDS?

My web browser offers to save passwords for me – is that the same thing?

Most web browsers – notably Google’s Chrome or Apple’s Safari browser on iPhones – will offer to create and store passwords for you. This is on the easier and more affordable side of the password management game.

It’s not without its limitations, however. A password stored in Chrome will only be available in Chrome. This means it’s not going to be as easily accessible if you’re then using it with an app-based version of a web site on your smartphone, for example.

It’s also a slightly less secure password system. By default most browser-based password managers don’t require any authentication to access those passwords. That’s nice and easy for you when you’ve got your phone or laptop in front of you, because it all happens automatically.

However, it also means that if your laptop or phone is stolen or lost, anyone opening up that browser will have access to those exact same sites and services. Using a browser to create and store passwords is still way better than using a simple password across multiple services, but it’s not without its problems.

MORE: IMPROVE ONLINE SECURITY BY USING TWO-FACTOR AUTHENTICATION

Which password manager should I use?

The strongest way to manage passwords is with a reliable, trusted password manager. There’s a number to choose from, including stalwarts such as Dashlane, 1Password, Keeper or Lastpass, to name a few.

Most will offer a mix of locally stored and cloud-based storage for your key password file. The reason that you’d want to store your password file in an online vault is because then it can be accessed from multiple devices.

This means that you can easily access, say, your banking password from your smartphone but also from your desktop PC. Most password managers will offer you a trial to make sure that you’re happy with how they work before laying money down for them. It’s well worth checking that the devices you might want password access on have available apps as well.

The advantage with a standalone password app is that they work off a single central password to unlock your full “vault” of passwords. Quite literally a master key. As the master of your personal vault, all you need to do is remember one password, and then let the password manager remember the rest for you.

You may not even need that. Many password managers incorporate biometric services such as fingerprint unlocking or Apple’s FaceID to unlock your vault. Most password managers will also allow you to create new passwords for new services. So you don’t even have to come up with unique baffling strings of characters on the spot.

That also means that if you do hit a service that wants a particular password recipe – those dreaded “Your password must contain at least 8 characters including numbers and symbols” type demands – you can tweak the password creating algorithm to create something that will work.

One key aspect to keep in mind with password managers is that their security is only as good as the app itself. It’s important to make sure that you update as and when new versions emerge.

An older password management app probably won’t stop “working” in terms of being able to be opened. It could have security flaws that make it easier for criminals to target as well. If your password management app tells you that there’s an update available, take it!

Protect your Mac from malware threats – rely on our expert malware removal services to keep your device secure and operating at its best.