We may receive compensation for its content through paid collaborations. See how we sustain our work & review products.
4 Security Concerns and Risks With Password Managers

4 Security Concerns and Risks With Password Managers

Last updated: December 19, 2024 (0)
Contents
Table of contents

It’s a cold hard fact that while connected to the internet, nobody is ever 100% safe. However, it’s up to individuals themselves to ensure they stay risk-free online. The most important thing we need to protect is our passwords, and one solution to that is using a dedicated password manager software. Naturally, some users have concerns about using a password manager. Here we’ll address the top four security concerns users have with these services and show how password managers combat them.

4 security concerns and risks with password managers

1. Keeping all your eggs in one basket

The curious thing about password managers is that, theoretically, hackers are only one step away from accessing absolutely everything in your vault. However, in the same way gold is stored at Fort Knox, there’s no problem storing everything in one place so long as it’s totally protected. That’s why password managers are so secure – because they offer the best online defenses. For instance, the well-known password manager LastPass encrypts everything in your vault using military-grade AES-256 encryption so that even if someone was able to grab all your data, they still won’t be able to read it.

2. Hacked password managers

A vault full of your important details counts for little if password managers themselves can be hacked. So, is it possible to hack a password manager? The short answer is yes – in fact, most password managers have experienced some kind of breach in the past. However, it’s extremely rare that users’ passwords are ever leaked from a hack as they’re fully encrypted at all times. What’s most important though is how the company reacts to the breach – something we’ll explain more about below.

3. Data for sale

Users’ personal data has immense monetary value nowadays. So, imagine what a goldmine password manager companies are standing on with the details to all your accounts. However, password managers couldn’t sell your data even if they wanted to. This is because they don’t actually know anything about what’s in your vault. For example, with LastPass, not only is your vault completely encrypted, your master password is known only to you (so don’t lose it!).

4. Using public Wi-Fi

Although public Wi-Fi is a great convenience, you shouldn’t trust it with your security as it can suffer from what is known as a man-in-the-middle attack. All the hard work done by you and your password manager is undone if you’re using an insecure connection. So, while your password vault will remain secure, as soon as your data leaves the vault it’s potentially compromised. However, you can use your password manager in conjunction with a VPN for added security which will keep your data safe no matter where you are.

Furthermore, just because your account credentials are stored away in a secure vault doesn’t mean you can relax. Make sure to update all your passwords for new and improved ones by utilizing a password generator as this will help avoid password spraying. In fact, LastPass has a handy online password generator to try out. Finally, make sure you take advantage of any two-factor or biometric authentication that password managers offer.

 

How password managers deal with breaches

Although password managers can never fully guarantee your credentials’ safety, the difference in security is like going from a house guarded by a puppy to a compound patrolled by armed guards. But what if someone does sneak through the perimeter?

There’s nothing worse for a password management company than a security flaw. Offering a secure vault for your credentials is their bread and butter and a breach is the worst news imaginable. To keep their customers’ trust, transparency is key. The only time LastPass has even been breached was back in 2015 and the company was very open about the entire process. The attack on LastPass meant that that some email addresses and password reminders were compromised, but the passwords themselves remained safe. At the time, LastPass sent out emails and updated their blog frequently to keep their users up to date.

Most importantly, because of that attack LastPass improved its software and became even more secure – which is why password managers are such useful pieces of software. Not only do they keep your vital information safe now, they evolve and provide regular software updates to continue keeping your information safe from future threats as well.


Best password managers of 2025

Editors' choice
RoboForm logo
Editor's rating:
(4.5)
Effective security center
Passkey compatibility
Intuitive and organized interface
Affordable prices
Families
LastPass logo
Editor's rating:
(4)
Logical interface
Automated password categorization
Advanced mobile version
Various two-factor authentication options
Businesses
1Password logo
Editor's rating:
(4)
End-to-end encryption
Secure authentication method
Data breach alarms
One-time password support
Security features
Keeper logo
Editor's rating:
(4.5)
Robust security
Wide range of platform support
Affordable
Great customer support
Personal use
NordPass Personal logo
Editor's rating:
(4.5)
Strong security features
Effective password generator
Excellent free version
Attractive price
Password sharing
Dashlane logo
Editor's rating:
(4)
Password changer
Built-in VPN
Flawless data import
Thorough iOS/Android app
Local storage
Enpass logo
Editor's rating:
(4)
Packed with features
Free for desktop users
Offline password manager
End-to-end encryption

User feedback

 Leave a reply

Your email address will not be published. Required fields are marked *


Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.

©2012-2025 Best Reviews, a clovio brand – All rights reserved
Privacy policy · Cookie policy · Terms of use · Partnerships · Contact us