The ever-increasing level of security and the widespread usage of computers and the internet, increases the requirement of having too many passwords. You have passwords for each and every machine, different user accounts, websites, emails, social networking sites and more. Too many passwords are often difficult to remember. To solve this problem, management applications have proved to be very helpful.
Among the several managers that are available, which ones should you choose? Let’s elaborate on them and the way they rival each other as far as features are concerned.
Storing login credentials in the browser
Modern browsers offer you auto-form filling option to store your login credentials so that you need not enter them each time you login. This is a useful mechanism but is not the safest one to opt for. The browsers typically store your password in their encrypted database or on the registry entries that are saved locally on the system. Browsers that offer syncing of data store this information on an encrypted online account.
What are its pros and cons?
Saving your on the browser does not secure your data. This is because anyone who is using your PC can launch the browser and gain access to your web accounts thereby creating a breach of privacy. Moreover, on browsers like Google Chrome, you can simply go to settings and click on ‘Show’ in the preference tab to obtain the password. In addition, there are some third party apps that can have your revealed. In this case, if there is any malware running on your, it would exploit this loophole to access your password.
Third party tools cannot access your only if it is further encrypted by a master password. This is the reason for which certain critics claim that Firefox is the safest browser, though it is upto the user to set the master password, avoiding which, you will be exposed to threats.
Web-based password managers
To ensure better security, you are advised to opt for web based managers which offer stronger levels of encryption like producing random passwords, monitoring your and storing other private details like credit/debit card numbers.
These web based managers secure your passwords in an encrypted database and give users the only key which can be looked upon as the master password. The entire process of encryption and decryption takes place on your system, i.e., locally. These managers do not have the encryption key. Hence if rogues hack your password, they would not be able to decipher it.
There are some loopholes in web based managers. For instance, if you do not set a strong master as per the guidelines or apply the same password on other sites, you could be vulnerable to threats.
Local password managers
Some users have reported their discomfort in relying on third party servers for storing password. For them, there is another option to backup passwords which is done not on the servers but on the system itself. It has got its own set of pros and cons. Security experts sometime argue that you compromise on security to some extent by storing passwords locally.
Local password managers function the same way as the web based ones. These managers too have the automatic form filling, protective notes and the password-producing capabilities. Here, the encrypted password database is stored on the machine instead of being stored in the server.
As for the security vulnerabilities, if you store passwords locally, you lose the flexibility of accessing it from anywhere. It does not provide any syncing option and you miss out on the ability to access your login credentials instantly. If you do not remember your password, you would also be deprived of the ability to login to multiple devices.
The password database can by synced with the cloud based file sharing and storage services. You can choose to do this but it holds the risks associated with cloud storage. However, it applies security at different levels. Rogues trying to gain access to the password database will have to bypass your account security before gaining access to the protected password database.
Which one to choose?
By and large, local managers are the most secure ones but they are the last option when it comes to accessibility. The cloud based managers are a step ahead of the local and the browser based ones and provides for a more accessible and protected form of storage. You can choose to opt for any of the different password managers as per your choice and convenience but make sure that you make the master password a strong one. Also, ensure that you have a strong password safeguarding your computer and web based accounts.