Our previous blog post Are your Online Identity and Confidential Data Secured showed the vulnerability of your Online Identity that poor handling of passwords can create. It highlighted the challenge of doing it properly so as to be fully secured. Here we’ll be presenting what a Password Manager does and how it can help you.
Password Management Core Functions
The core functionality of a Password Manager is the capability of password capture and replay. When you key in a strong password it captures it and saves it in a secured Digital Vault. Then when you need to login again to the same site, the Password Manager retrieves and populates the password field for you.
It should support the different kinds of logins of different sites, like multiple accounts on a single website as for bank accounts, or multiple step logins as with Gmail. To be useful in practice, it should work on all your different browsers as well as on all your devices (Windows, Mac, Linux and Chromebox) including mobile ones (Android, and iOS). The data should sync across all the devices that you have. On mobile devices, the Passport Manager should also handle passwords of Apps, as well as those for websites.
On browsers the Password Manager works as an add-on, typically supporting most of the popular browsers – Chrome, Firefox, Safari, IE, Edge, and Opera. For Mobile Apps the Password Manager has an app to be installed on the Mobile device.
We mentioned that your passwords are saved in a secured Digital Vault. The Digital Vault itself needs to be protected by a password which obviously can’t be in the Vault, so here you’ll need to have a password that you generate yourself.
To secure the Vault properly, Multi-Factor Authentication (MFA), or more commonly just Two-Factor Authentication (2FA) is used. Popular options here are SMS, Email, or Google Authenticator. Some Password Managers allow you to authenticate on iOS or Android with your fingerprint or face recognition rather than typing your chosen password. This also makes it safe for you to access your Digital Vault from a public computer should you have to do so.
Password Management Additional Functions
On top of the Core Password Management Functions, many Password Managers offer additional Password Management Functions.
Search Weak Passwords
Check your vault for weak and duplicate passwords, and offer help with the update process. In some cases it can automate the password-change process for you.
Allows you to securely share specific passwords with other users. Some let you share a login without making the password visible. In other cases, the sharing goes both ways, meaning – if the recipient makes a change it will change the original, and some let you revoke this sharing.
An interesting feature is designed to deal with the case of your death or incapacity. In that case, it transfers your logins to a trusted individual you’ve assigned for that. It’s like sharing your password, plus you can set a waiting period for the access to be allowed. In case that person tries to gain access to your passwords while you’re still around, you get a notification email, and you can then deny access.
Enhanced Security Capabilities
The next level of capabilities Password Managers offer is to provide enhanced security.
Warn about Insecure Login Pages
One way to hack your credentials is to guess your password, while another way is to intercept it from your connection to the website while you login. That’s why you should only log in with your secure username and password to a website that uses a secure HTTPS connection. To help you here, some Password Managers warn about insecure login pages.
Added Value Features with a Password Manager
Once you’ve got your online identity secured, a Password Manager can capitalize on the secured foundation in place, namely your Digital Vault. Given the integration with your different devices, this can provide you with an easier way to deal with your other confidential data as follows.
Form Autofill for additional data
Form Autofill of Payment Information, IDs, Passport, and Driver’s License. The same capability of capture and replay used for usernames and passwords is used to capture and replay other data items that you’d want to remain confidential like these mentioned here. Having them kept securely in the Digital Vault and Autofilled into online forms is very convenient.
Secured Online Storage
The use of the Digital Vault can be extended to allow storing files containing any kind of confidential data. Some Password Managers provide Secured Online Storage for that.
Dark Web Scan
A Dark Web scan checks your credentials against repositories of breached accounts. If your account appears to have been compromised, the Password Manager will indicate this to you and suggest that you change the password.
Receipt Capture helps you to keep securely receipts of online transactions on shopping sites. The receipt is captured with the full amount and, when possible, a list of purchased items. You can view your list of receipts, dig in for details, and view the associated screenshot for each. This provides a handy secured record of your online shopping.
Inbox scan is a feature that, with your permission, scans through your inbox seeking email messages that involve creation of an online account. You can now go and change the passwords of all these accounts to safe strong passwords. Note: you’ll need to remember the existing password on the account.
What else you should consider
If you are now convinced that a Password Manager is something you should be using, here are a few more things to consider when selecting a Password Manager product.
Sleek Design and Ease of Use
Sleek design and ease of use as you should rightly expect from any piece of software with a user interface.
Customer support, preferably over the phone is something you should definitely have as an option. When the keys to all your online assets are locked there, you may need someone to talk to.
Password Import and Export
A useful option is to be able to import your passwords from another product. Once you have had many different strong passwords setup by one Password Manager product, in switching to another one, you’d want the new one to be able to import your passwords from the current one. At the same time, if for any reason you’ll want in the future to switch to another product, you’d want this one to be recognized by the new one to allow an easy transition.
The last and perhaps the most important factor to consider is the price. A typical Password Manager would offer a free version with the core basic features, then a Premium paid version, as well as a Family Plan allowing a whole family to enjoy a relatively low price per user.
In the final blog post of this series Which Password Manager is Best For You we present a few possible choices for Password Managers and a recommendation on an easy selection criteria.