Best Reviews logo
Best Reviews may receive compensation for its content through paid collaborations. See how we sustain our work & review products.
Cloud vs Local Password Storage: What Is Most Secure?

Cloud vs Local Password Storage: What Is Most Secure?

By István F.István F. Verified by Sander D.Sander D. Last updated: July 17, 2024 (0)

If you are keen to keep your data safe then one of the easiest steps to take is use a password manager, and there are many benefits for doing so. Key among them is the opportunity to generate unique passwords within the app itself for any and all of your services and accounts, automatically storing them in a secure vault.The convenience of remembering just one password and leaving it to an app to remember the rest is indispensable, the limits imposed by the human brain simply disappear. At the same time, however, it’s good to bear in mind one aspect: you are trusting one app – and its developers – to store your personal info securely, and it’s important to know whether they do so locally or in the cloud.

Storing passwords locally

One of the key features that has made password managers such as 1Password popular among cyber security experts and hackers was their initial policy of storing the data locally on the user’s computer and making it available on other devices via Wi-Fi, iCloud, or Dropbox sync. For that, users needed to purchase a license for every single device that they wanted to keep in sync.

But AgileBits moved to a cloud sync format in 2016 and has since raised the eyebrows of a handful of hackers and security experts for one simple reason: internet-accessed archives put users at a bigger risk than those stored locally in user-controlled environments, such as on a computer.

For some experts it’s better to have the passwords and other data – such as credit cards, secure notes and the like – stored on the device itself. That gives the user complete control over the data, since hackers can’t simply steal the user’s data from a server along with every other user’s data, but instead have to specifically target an individual person. That makes things harder for the hacker. It’s not impossible, of course, but the road to the master password is much longer, harder and involves many more steps than taking a batch of data on cloud storage.

By storing data locally, the only way to access it is through malware installed on the user’s computer that is able to access and log keystrokes. But in this case it’s already game over since the malware logs every keystroke, which means you can forget about privacy and security.

Storing passwords in the cloud

When a password manager firm makes software for multiple platforms and syncs the apps through their central servers, this is what we mean when we say ‘cloud storage’. That’s very convenient for the user, because – as with 1Password, Sticky Password or LastPass – it can check and store a password from any device via its software by logging into the account using the web browser extension. This also makes passwords recoverable if the user loses the device. When stored locally, the password database is lost with the device.Cloud sync is convenient for the user as it requires no additional steps – such as setting up a WLAN server – to sync the apps to allow the new data to be available on every app. The password manager app is opened and the database is already up-to-date.

But this means that there is nothing that can be done on your end to ensure the security of your own data. Furthermore, the majority of password management developers rely on third party servers to store data, which raises serious security concerns.

In the last few years we’ve seen a handful of password manager databases hacked, so there is certainly a reason to distance yourself from cloud-based password storage. That doesn’t necessarily mean, however, that you should refrain from using them entirely. Instead, seek more information about the security measures that are taken to protect your data. A high-quality password manager allows users to sync their data locally along with cloud sync.

How to pick the best password manager app

There are a few aspects to bear in mind when choosing a password manager. All of them are important, because you are entrusting them with highly sensitive data.

  1. The data stored in, sent to, and received from the central server should be wrapped in encryption set at a user’s end point.
  2. The service doesn’t store any info on your master password.
  3. The service cannot access your data or recover a lost vault or related passwords.
  4. The service encrypts the data locally, protecting it with a secret key that only the user knows.

Best password managers of 2024

Editor's choice
RoboForm logo
Editor's rating:
(4.5)
Effective security center
Passkey compatibility
Intuitive and organized interface
Affordable prices
Families
LastPass logo
Editor's rating:
(4)
Logical interface
Automated password categorization
Advanced mobile version
Various two-factor authentication options
Businesses
1Password logo
Editor's rating:
(4.5)
End-to-end encryption
Secure authentication method
Data breach alarms
One-time password support
Security features
Keeper logo
Editor's rating:
(4.5)
Robust security
Wide range of platform support
Affordable
Great customer support
Personal use
NordPass Personal logo
Editor's rating:
(4.5)
Strong security features
Effective password generator
Excellent free version
Attractive price
Password sharing
Dashlane logo
Editor's rating:
(4)
Password changer
Built-in VPN
Flawless data import
Thorough iOS/Android app
Local storage
Enpass logo
Editor's rating:
(4)
Packed with features
Free for desktop users
Offline password manager
End-to-end encryption
User Feedback

 Leave a reply

Your email address will not be published. Required fields are marked *


Best Reviews

Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.

©2012-2024 Best Reviews, a clovio brand – All rights reserved
Privacy policy · Cookie policy · Terms of use · Partnerships · Contact us