0 Flares 0 Flares ×

I always seem to have passwords on my mind. What’s the best password? What’s the best way to create one? What are the best implementation policies? One question has been plaguing me more lately. Is it worth it to use a password manager? Password management programs like LastPassKeePass and 1Password have been drawing my attention and I’ve been silently considering the pros and cons. Here now is my mind dump of information that I’ve accumulated through this research I’ve done.

Pros:

  • Convenience. Never will you have to remember another password again, besides your master password. The first perk of password managers is that they manage your passwords. You can just copy and paste it into the field. Some programs will now even auto-fill the fields for you.
  • Better password creation. No longer do you have to follow any of these guidelines when creating a new password, you simply click Generate Password and you have a completely random password.
  • Safer than writing passwords down. If you are anything like my dad, you write all of your usernames and passwords in a rolodex on your desk so you can easily find them. Now someone would have to first find the file on your computer and then break through the encryption on the file to get to your passwords. This is a much safer option.

Cons:

  • One password. With the password managers I’ve tested, there is only one thing standing between a hacker and every single one of your passwords and that is your master password. If you don’t make your master password hard enough to guess, it’s probably not a good idea to try to hide everything behind it. I do know that KeePass does give the option to require a key file and a specific Windows User Account when unlocking a password database, which is really nice if you need a little bit more security.
  • Portablility. There’s always the question of what happens when you switch computers and your manager isn’t installed there. You just can’t access any of your accounts? There are some things you can do to help bridge this gap like putting your password database on a flash drive or even syncing it with a service like Dropbox.
  • The Cloud. As some services have experienced lately, the cloud isn’t always the safest place to store private information but this is just something you will have to figure out if it’s right for you. Every service is vulnerable to some sort of attack, a person just has to decide if the convenience of syncing their password database is worth the risk.

I opened a question about this on the Spiceworks Community forumsand you can find that thread here.

What do you think? Do you use a Password Manager? Why or why not?