Skip Navigation

02 Feb 2022

Should you use Password Manager?

Sahil Kokamkar
Unsplash Credit:@towfiqu999999

The answer is yes, but why?

Password Manager helps in managing password from different sites as nowadays most sites ask for logging details first to harvest the user information. As it's hard to remember every password and using same password on site is risky. This is where password manager came into action, it keeps all logging details safe and organized.

Which one should you use now?

As there are a lot of password managers out there. Even some are integrated in browser such as Google Password Manager and Firefox Sync which manages the logging. But they are not easy to use on multiple different browsers as we need to export and import password in different browser. This is where full-fledged password manager shines, they offer cross-platform support, sync, 2FA, U2F and much more. Not only that you can store your personal details, files card details in it for easy access. All data is stored in encrypted format using Algorithm of your choice such as AES, ChaCha20, Twofish etc.

Getting started with Password Manager

There are all type of password manager fully-offline, self-hostable and managed.

Full-offline:

Offline password manager store files in encrypted file format locally, it's easy to get started KeePass it's free and opens source.

Self-hostable:

This is one I use, I have setup my own vaultwarden server which is compatible with Bitwarden. You can host the server local or on cloud, just make sure you take backups regular and properly secure your server.

Managed (SAAS):

It is most common and easy to use. As it doesn't require you to manage anything. But it's not fully free, as some offers free tier but not some. You can try Bitwarden as they offer a generous free tier, and it's open source. There is also 1Password and other such which doesn't offer a free tier and are close source.

Pros:

  • Offers better management for password and other stuff, no need to remember everything.
  • Takes care of generating secure password
  • Cross-platform
  • Checks your password and details if they have been breached using HIPB and notifies you.
  • Offers extra security with 2FA and UFA support.

Cons:

  • Single point of failure – Once you lose master password or 2FA it's impossible to unlock, so makes sure you store your seed safely.
  • If your login credentials are compromise. The user with those details can get all your passwords and details. So make sure you use multiple factor authentication and store separately (Don't put all your eggs in one basket).
  • Loss of data – You can lose all your passwords and data if you don't take regular backups.