How Safe Are Password Managers?

Password managers are a great tool to store your passwords in one place, but how safe are they exactly? When using a password manager, your stored passwords will automatically fill into your web browser and mobile apps when logging into specific accounts. The question is whether having all your passwords in one location is a good idea or not.

Spoiler alert: it is. 

Think about it; what other alternative is there? Remembering a bunch of obscure passwords for tens to hundreds of your online accounts? Let’s be realistic here. You already know using the same password for all of your accounts isn’t the best idea. Always avoid using something obvious like “password” or your company’s name followed by the numbers “123”.

To keep you safe, password managers require a master password to unlock your list of stored passwords. They will even provide you with robust, unique passwords for each of your accounts— none of which you’ll have to remember by heart. Many password managers also require two-factor authentication (2FA) for an extra layer of security.

The only caveat with password managers is that they can still get hacked despite their security initiatives. That’s why we recommend a password manager that also includes a VPN like Dashlane. If you already have a password manager and are looking to decrease your chances of getting hacked, we have a great list of the top VPNs. Be sure to check out our top 5 password managers if you don’t have a password manager yet. Either way, using a VPN will encrypt your data and help you browse privately regardless of the network you connect to.

Ways to Avoid Security Breaches

Encrypt your data

Some password managers come with a built-in VPN. Or, some VPNs will have password protection features that strengthen the security of your password manager. ExpressVPN, for example, has a partnership with LastPass to offer its users best-in-class encryption by hiding your IP address. They even have a random password generator that creates strong passwords for your device and your device only. If you’re interested in learning more about ExpressVPN, take a look at our latest in-depth ExpressVPN review.

Aside from encrypting your data, we highly recommend using different passwords for each of your accounts and creating a solid master password for your password manager. Solid and varied passwords keep your information safe, and storing your master password in a hidden place will ensure you have a reliable backup if you lose or forget your master password.

Use multi-factor authentication

Aside from encrypting your data, we highly recommend using different passwords for each of your accounts and creating a solid master password for your password manager. Solid and varied passwords keep your information safe, and storing your master password in a hidden place will ensure you have a reliable backup if you lose or forget your master password. Multi-factor authentication (MFA) is also an excellent tool for beefing up your security online. When you enable MFA, you’ll need a second form of authentication to access the account you’re logging into. For example, this could be as a text message or email with an access code. 

NordVPN is another excellent VPN with authentication apps that periodically generate codes you must enter when logging into your accounts. These codes are only valid for 30 seconds to ensure your accounts are protected from any potential attacks. Setting up MFA will require any potential hackers to not only have access to your password but your device, which is much harder to pull off. You guessed it; we also have an in-depth NordVPN review. 

Use biometric authentication

Biometric authentication is a data security concept where individuals use physical features like facial recognition or fingerprint authentication as a login credential. Because all of your sensitive data is stored in one place with a password manager, biometric authentication acts as a great additional layer of security. If you really think about it, replicating someone’s face or exact fingerprint would be pretty hard to do, right? While there is some debate around biometric authentication, such as whether it’s safe from a privacy standpoint, this authentication mode does not store any static images of one’s face in a database. Instead, a mathematical model of the face gets encrypted and kept on file for comparison purposes. This means a static image of one’s face would be useless to a hacker. 

Should You Get a Password Manager?

The short answer is yes, especially if you don’t have one already. Password managers will help you keep track of all your passwords without having to memorize them. In addition to storage, password managers allow you to change passwords and securely store banking information seamlessly. They even make it easier for you to share any of your data with friends and family.

While password managers can pose risks of security breaches, most have a solid reputation for their security initiatives. Keep in mind that a VPN will help with any gaps in password protection, as they ensure your data isn’t shared with anyone. If you’re interested in learning more about the differences between ExpressVPN vs NordVPN, check out our thorough comparison of the two.