A Polemic on Passwords
Nobody likes remembering passwords. They’re long, they have random symbols and capital letters, they’ve got numbers in them, the list goes on. And worst of all, everyone keeps telling you that you can’t reuse the same password! By their very nature they have to be hard to guess, and more often than not, that also means hard to remember. So you compromise. “Surely it’s not so bad if I reuse this password”, I hear you say to yourself. “After all, it is a good one.” But you can’t quite shake that feeling of dirtiness and guilt. Or maybe you can because you just don’t care anymore.
Enter the password manager. A program that remembers your passwords so you don’t have to. Not only does it stop you forgetting your passwords, but it lets you fearlessly set strong and unique passwords you never would be able to remember! All for the low, low price of remembering just one so-called “master password”. Sounds like a deal to me. So what password manager should you use?
Encrypted
This sort of goes without saying, but make sure your passwords are encrypted. Otherwise they’re just sitting there, for all the world to read. Almost all modern password managers use secure encryption, so I wouldn’t worry too much about this, but it’s definitely worth double-checking.
Open Source
For those who don’t know, open source software means that the code that makes the program is available for anyone to view (in contrast to proprietary software). This is really important because it means that you can verify that the program is doing what it claims to do. Even if you can’t read code, other people can and all the thousands of eyes carefully watching the code will quickly catch any funny business. Without this, you’re willingly handing over your sensitive passwords to a company who super duper pinky promises they’re keeping your passwords safe. So safe in fact that you’re not allowed to see how they do it. That gets a “no thanks” from me.
Offline
Stay away from any of this cloud-hosted nonsense - you don’t need it. Distance doesn’t matter on the internet and by putting even your encrypted passwords out there, any hacker in the world can get a crack at them.
But it gets worse. It’s not just you that’s using the cloud, is it? Cloud syncing your passwords along with everyone else gives hackers a massive target. They can get millions of people’s passwords all at once. LastPass alone has had numerous security breaches. Syncing your passwords across your devices is still more than possible and I’ll get onto that in a moment.