Managing Your Passwords Automagically!


Ruzbeh Raja is an Information Technology Consultant with over 20 years of experience in the IT industry. He is also a Visiting Professor of Law in the University of Mumbai.


 

 Passwords act as the first line of defense for sensitive information and can spell doom when mismanaged or compromised, so they are naturally one of a hacker’s prime targets. As the IT landscape expands, passwords proliferate, and as more passwords need to be protected, a centralized password management routine becomes crucial. The following are answers to some pertinent questions which will help fortify your password management:

Q: Do I need to set a long or complicated password for my email or internet banking?

A: Short passwords are easy to guess and can be automatically guessed by computers in a matter of seconds. A password of up to 8 characters can be guessed in 10 seconds to 3 minutes flat. As computer processing power increases by the day, shorter passwords are easier to guess or ‘crack’. This means that you should no longer use a password less than 8 characters for any purpose.

Q: Do I really need to have a different password for each email account or net banking account or online service?

A: Yes. If a password for any one email account or bank account is breached by someone and you have used it for multiple other email accounts or banking accounts, then all those places with the same password can be compromised and the attacker easily gains access. It’s like having the same key for your front door and all your cupboards and furniture as well!

Q: How do I remember so many different passwords? Should I write them all down in a diary?

A: It’s very difficult to remember many different random password combinations. For this purpose, you can use services called ‘Password Managers’, including: ‘1Password’; ‘LastPass’; ‘Google Password Manager’; ‘BitWarden’; and ‘Dashlane’. These allow you to store passwords in their online database through an App. You only need to remember one Master Password and the App stores the rest of the passwords securely. You can download the App on your phone and also download a desktop App for your computer at home. Most Apps work across Android, Apple iOS, Windows, Linux and MacOS.

Q: But isn’t it unsafe to store all passwords in one location?

A: It is safer to have your passwords stored securely at one place rather than writing them down in a diary or paper or in the Notes App of your phone. If you misplace that scribbled paper or some unauthorized person gets a hold of that chit, your email account or net banking is surely in danger. Password Manager services are built for security and they store your passwords in their systems in an extremely secure way, so that even if their systems get compromised or the data leaks, your password remains confidential. You only need to remember 1 password, as opposed to having to remember multiple different passwords for each email account or net banking service.

Q: What if my phone gets lost or my computer stops working?

A: Password Manager Apps store your information in a secured environment on their own servers ‘in the cloud’ (refer end of article). This means that even if your phone or computer or laptop or device stops working, or is lost or stolen, your password information will remain in your account and you can always access it with your Master Password.

 

Q: I have 2 phones and 1 laptop computer. Can I use the Password Manager on all my devices? What if I also have an iPhone?

A: Yes. Password Managers are meant to work across all your devices. This means that if you add your password on any one of your phones or devices, it will synchronize across all devices through the internet and will show the same password on all devices immediately. All you need to do is download the Password Manager App, create an account and set up your Master Password, and then add your password to it.

Q: Do Password Manager services cost money?

A: Most Password Manager services offer a free limited service and allow you to store your passwords on 1 – 2 devices without any cost. If you want to use it on multiple devices like your home-phone plus work phone plus laptop plus desktop, then you may need to pay a yearly subscription. Some Password Manager services offer a family subscription for multiple family members.

Q: I use the Notes App on my phone to store my passwords. Isn’t that cheaper, safer and easier to use?

A: No. Many people use an Excel Spreadsheet or the Notes App on their phone or even store their passwords in a Word Document. This is a bad practice as these Apps are not meant for secure storage of information and can be easily accessed by anyone using your phone. Unlike Password Managers which automatically fill in your passwords on websites, your Notes App will require you to copy and paste your password, which is highly insecure and can lead to many mistakes. Unlike your Notes App on your phone, Password Manager Apps have extra security features and store your information in a secured environment on their own servers ‘in the cloud’ (refer end of article).

Q: Are there any other advantages to having a password manager store my passwords?

A: There are numerous benefits to having a Password Manager store your passwords:

  • Password Manager Apps allow you to select a strong, unique, random password for each and every different email account or net banking account or service. No re-using your password.
  • If you change or update your password on any one of your devices, the password will get updated across all your devices.
  • When you visit your email account or website, the Password Manager will automatically fill in your password for that website or email service. No need to copy/paste or type in the saved passwords.
  • It allows you to store multiple login details for the same service. Eg. If you have 2 Gmail accounts, it will remember the login details and passwords separately and ask you to choose a login profile before you login to Gmail each time.
  • The Password Manager also alerts you if you reuse the same password for multiple accounts or services.
  • Some Password Managers can also store your Credit/Debit Card Details securely.

Q: What if I want to change my Password Manager service? Will I lose all my passwords?

A: All Password Manager services allow you to download your entire password list or send it safely through email. If you want to migrate to another Password Management service or stop using any Password Manager, you can do so by simply closing your account.

Q: What is meant by the Tech Term: ‘In the cloud’?

A: When you use a service ‘in the cloud’, it means that you’re not storing information on your own phone or computer or device, but are storing it on some computer which is in another remote place. Eg. Gmail, Google Docs, DigiLocker. It’s called ‘cloud’ because in the early days of the internet, a cloud symbol was used to indicate a network connection through the internet.

 

Leave a Reply

*