Page 5 - 1911
P. 5
Password Managers To the Rescue
By Jasmine D’Katz
As always, the devil is in the details. When
implemented correctly, online storage is safe
enough for mil-lions of users, including me.
Hacking is a real problem, but I find news
reports of hacks a double-edged sword. On the plus
side, they make people aware of problems, which
helps encourage everyone to follow best practices
when it comes to keeping information safe. Unfortu-
nately, the downside is that often news reports fo-
cus on attention-grabbing numbers, yet lack per-
spec-tive. The end result is a vague sense of un-
ease,
I use a wide range of online services. I keep
Password managers are apps that use a all of my data backed up online. There are risks as-
master password to protect confidential information. sociated with each of these choices, and I trust that
They enable users to securely store more infor- best practices will keep me reasonably safe.
mation than can be memorized.
The best practices for passwords include
The two common configurations of password using two-factor authentication when available,
managers are device-based and cloud-based. De- along with a long, unique password for each online
vice-based managers keep data on a single device, account. To accomplish this, I use a cloud-based
while cloud-based managers keep data on multiple password manager (Password) with a suitable mas-
devices and share the data among them. ter password known only to myself. I also use· a
Keeping passwords on a single device is sim- family plan, which can allow family members to ac-
pler, but functionality is limited. Keeping passwords cess one another's information in an emergency.
in the cloud is safer and more convenient. All of my computing choices respect this
Understanding how password man-agers principle: follow the crowds. I only depend on prod-
work means understanding how encrypted files work. ucts that are used by thousands or millions of other
When data is placed in an encrypted file, effectively peo-ple. I mostly use the software that comes with
the information no longer exists. If someone steals the device, or third-party apps like Keeper or
an encrypted file and oaks inside, everything in that LastPass that have been around for many years.
file appears to be gibberish. Overall, Apple does better with security and
However, when the password manager is giv- privacy, so I tend to use those devices in my per-
en the master password, it converts what looks like sonal life. Data security on the latest versions of
gibberish into the original information. Windows and Android is also solid, but they still suf-
fer from more malware, which means more care
Encryption is what keeps information secure. when selecting third-party apps.
Even the person who wrote your password manager
cannot read your data. Only someone with the mas- Lastly, I always install the latest ver-sions of
ter password is able to read that file. apps and operating system security updates.
Passwords are often thought of as keys that Password manager provide the appropriate
open locked doors, but encryption is not like a locked password regardless of device and location?
door. Encryption is more like a magician's trick that Cloud-based password managers use a
makes information disappear and reappear on com- combination of file synching, custom apps, and
mand. Web access organize your information. The main
But it is not trickery, it is math. And it works. data storage is kept in the cloud, and each device
Keeping passwords on the Web makes may make mirrors the cloud locally. For example, if an item is
you very nervous, you may hear fre-quent news re- added on your phone, the phone's app will copy
ports of hacks where passwords are stolen. And you that item to the cloud, and the cloud will update
wonder if online storage a good idea?
5
