If you are keen to keep your data safe then one of the easiest steps to take is use a password manager, and there are many benefits for doing so. Key among them is the opportunity to generate unique passwords within the app itself for any and all of your services and accounts, automatically storing them in a secure vault.The convenience of remembering just one password and leaving it to an app to remember the rest is indispensable, the limits imposed by the human brain simply disappear. At the same time, however, it’s good to bear in mind one aspect: you are trusting one app – and its developers – to store your personal info securely, and it’s important to know whether they do so locally or in the cloud.
One of the key features that has made password managers such as 1Password popular among cyber security experts and hackers was their initial policy of storing the data locally on the user’s computer and making it available on other devices via Wi-Fi, iCloud, or Dropbox sync. For that, users needed to purchase a license for every single device that they wanted to keep in sync.
But AgileBits moved to a cloud sync format in 2016 and has since raised the eyebrows of a handful of hackers and security experts for one simple reason: internet-accessed archives put users at a bigger risk than those stored locally in user-controlled environments, such as on a computer.
For some experts it’s better to have the passwords and other data – such as credit cards, secure notes and the like – stored on the device itself. That gives the user complete control over the data, since hackers can’t simply steal the user’s data from a server along with every other user’s data, but instead have to specifically target an individual person. That makes things harder for the hacker. It’s not impossible, of course, but the road to the master password is much longer, harder and involves many more steps than taking a batch of data on cloud storage.
By storing data locally, the only way to access it is through malware installed on the user’s computer that is able to access and log keystrokes. But in this case it’s already game over since the malware logs every keystroke, which means you can forget about privacy and security.
When a password manager firm makes software for multiple platforms and syncs the apps through their central servers, this is what we mean when we say ‘cloud storage’. That’s very convenient for the user, because – as with 1Password, Sticky Password or LastPass – it can check and store a password from any device via its software by logging into the account using the web browser extension. This also makes passwords recoverable if the user loses the device. When stored locally, the password database is lost with the device.Cloud sync is convenient for the user as it requires no additional steps – such as setting up a WLAN server – to sync the apps to allow the new data to be available on every app. The password manager app is opened and the database is already up-to-date.
But this means that there is nothing that can be done on your end to ensure the security of your own data. Furthermore, the majority of password management developers rely on third party servers to store data, which raises serious security concerns.
In the last few years we’ve seen a handful of password manager databases hacked, so there is certainly a reason to distance yourself from cloud-based password storage. That doesn’t necessarily mean, however, that you should refrain from using them entirely. Instead, seek more information about the security measures that are taken to protect your data. A high-quality password manager allows users to sync their data locally along with cloud sync.
There are a few aspects to bear in mind when choosing a password manager. All of them are important, because you are entrusting them with highly sensitive data.
Best Reviews may receive compensation for its content through paid collaborations and/or affiliate links. Learn more about how we sustain our work and review products.
©2012-2024 Best Reviews, a clovio brand –
All rights
reserved
Privacy
policy
·
Cookie
policy
·
Terms
of use
·
Partnerships
· Contact
us