Password managers are well-known for offering a lot of convenience when it comes to remembering your log-in details. If you think about someone who has 7 or more accounts online with different passwords for each, like I do, then you can quickly see how most would consider Password managers a “life-saver”, after all, there’s nothing more irritating than having to reset your password because you forgot it.
However, there has been quite a lot of controversy over the safety of using them. There seems to currently be a mix of Cyber Security experts claiming that they are unsafe and very risky to use whereas others see them as having no impact on your Cyber Security whatsoever. As conflicting opinions can often make decisions more confusing, we will do our best in this blog to fully evaluate it’s pro’s and con’s and come to a final conclusion.
The pro’s of password managers- Convenience
Like I previously mentioned, the biggest attraction users have to having a password manager is the convenience, this can also save time in certain situations. If there was a scenario where you need to reset your password because you forgot it, or have to contact your IT manager to send you your log-in details, this will use up valuable time in the workplace.
Additionally, a noticeable benefit of using password managers is that it can actually encourage users to make stronger passwords. In the past, I can say I was fairly guilty of making quite weak passwords as they were easier to remember, this can be said for a lot of users on the internet too.
With the support of a password manager, users can make strong passwords without the worry of forgetting them due to their complexity. This is a good incentive for users and could improve your Cyber Security defences. Unfortunately this is heavily based on the user- it’s not guaranteed that you will make a more secure password if you have a manager.
The con’s of using password managers- Cyber Security
While password managers offer convenience, we still need to consider the con’s of using them- specifically the possible threat to Cyber Security it poses. Generally, the idea of a Password Manager has been criticised as it’s a software that contains all of your passwords, which itself is protected by one password.
This means that if your Password Manager’s account was breached, the hacker would have access to all the sensitive log-in details that you have. This scenario is similar to the expression “putting all of your eggs in one basket”.
On the other hand, I can appreciate that “Password Managers could pose a threat to your Cyber Security is quite a statement”, so lets go over some case studies of popular Password Managers to give context:
In August 2022, a company called ‘LastPass’ notified its customers about a security incident. At the time, the security team thought it was able to contain the incident, as there was no evidence that any customer data or encrypted password vaults were accessed.
However, in December 2022, the company discovered that the hacker was able to copy sensitive information, including company names, end-user names, billing addresses, email addresses, telephone numbers, and IP addresses.
Additionally, In the middle of January 2023, a company called ‘Norton LifeLock’ sent data breach warnings to more than 6,000 of its customers, telling them that their accounts had been compromised.
According to a report from Norton, the attacks didn’t breach its systems, meaning that the hackers were targeting individual accounts. The incident dates back to December 2022, when the company started noticing a series of failed login attempts. This was clearly led to a success, as Norton warned that the malicious hackers may have gained access to logins stored in the password manager.
Conclusion
Using these Case studies, one thing can be made pretty clear, Password Managers are a popular target for Cyber-attackers and breaches of them are quite common. While it’s true that not many breaches have been confirmed to leak sensitive information of users online, this is still a clear indicator that you need to be vigilant if using a Password Manager.
At Solutions 4 IT, our conclusion is that we do not recommend Password Managers because of these facts, however, I can say for certain that using a Password Manager doesn’t immediately put you at risk either.
This is more of a personal decision- do you think the convenience of a Password Manager outweighs the potential risk of Cyber Security? That’s a question that only you can answer.
That being said, we hope this blog has given you some insight into answering that question. Be sure to stay up-to date on our latest blogs here- where we cover lots more than just Cyber Security.
However, Password Managers are just one topic in the vast subject of Cyber Security, if you want to learn how your business can become recognised as Cyber-secure, visit our Cyber Essentials page here.
The useful case studies used in this blog can be credited to Best Reviews.
