Pros and Cons of Password Management – You may have heard of password managers − systems that remember all your passwords, so you don’t have to. They’re definitely convenient, and ones like LastPass are very highly rated. But are they safe? Password managers come with risks, and here are some of the main reasons you may want to avoid using them.
Why Password Managers Are Recommended
Some were suspicious of the reliability and the security of password managers early in their arrival to the market. A few of the earliest password managers were targets of successful exploits and compromises, damaging the public perception of such tools. For a time, password management tools were seen as security risks, not boons.
These days, most of the leading choices are secure, encrypted, and feature-rich. It’s hard to find a cybersecurity expert who wouldn’t recommend a trusted password management tool. (The common thinking is that even if a password tool were a risk, it’s less of a risk than allowing an entire organization to use weak, recycled passwords.)
The dangers involved with using recycled, short, or easily guessed passwords are widely known. The likelihood of poor passwords leading to an incident is rather high because they create a weak link. So what are the pros and cons of using a password manager?
You Could Forget Your Master Password
Pros and Cons of Password Management – One of the most significant risks in using a password manager is forgetting your master password. When you use a password manager, you only have to enter that one master password for your password manager account, no matter whether you are logging in to your social media account, banking account, or anything else.
You only have to remember a single password for all accounts, which is convenient. However, that master password still needs to be secure enough so that people cannot guess it, and this means that it may be so complex that you forget it. If you forget your master password, you won’t be able to log into anything, and resetting it will take a bit of work.
Not all Devices are Secure
Not all devices are secure, and this could be your tablet, your laptop, or your phone. This is usually the case with older devices that feature out-of-date operating and security systems, particularly those that no longer support new updates.
If you have a phone or computer susceptible to malware, spyware, and viruses in general, a criminal could get a keylogger virus onto your device, which records all keystrokes.
A hacker could access your master password and accounts that you are using the password manager for. If you plan on using a password manager, make sure to only do so on trusted and highly secure devices.
They Don’t Work on all Browsers and Devices
Although this really is just a minor negative, not all browsers and devices support all password managers. Of the four main web browsers (Chrome, Explorer, Edge, Firefox), you can estimate that most password managers may work on only two or three of them at most. This is not a huge issue, just an inconvenience, but still, something to consider.
There Might Not be a Backup
Pros and Cons of Password Management – One of the more serious issues you might be faced with when using a password manager is that there might not be a backup of all of your information. There is always a chance that the server that the password manager runs on could break down.
Should this happen and there is no backup of your vault (where all of your passwords are stored), you will have to wait until the server is back up to log into your accounts.
Moreover, if you have a backup stored on an offline device, if the server crashes some and someone hacks into your device, they could access your password vault.
The Service Itself Could be Bad
Pros and Cons of Password Management – There are a few different password managers to use, and as with all products and services, some are better than others. There are some truly great ones, such as LastPass, but many are known to experience many issues.
The low-grade password managers might have few features, poor customer service, servers that get overloaded, etc. Before you choose a password manager, make sure to do your due diligence to determine whether or not it is one of the good ones.
The Cost
Pros and Cons of Password Management – We aren’t going to go into much detail here, but these services cost money. If you are just planning to use it for basic accounts that don’t have much sensitive information on them, the cost of a password manager might not be worth it.
The Risks of a Single Sign-on System
Pros and Cons of Password Management – We touched on this before in terms of someone obtaining your master password, but there is also a bit more to it than that. Hackers can potentially hack the password manager, their servers, your device, and your internet connection.
Although it is not common for password managers to suffer from such large-scale security breaches, it is possible.
If a crook hacks into the server where your vault is, or even the vault itself, it can put you at risk. If all your passwords are stored in one place, you will be in serious trouble if a hacker gets in.
They Don’t Do Your Memory any Favors
Pros and Cons of Password Management – Although this doesn’t really have much to do with the password managers themselves, if you stop forcing yourself to remember things like passwords, it can adversely affect your memory. Just think about how 30 years ago, we all had to remember phone numbers.
Now, with smartphones, if your phone breaks, you probably couldn’t even remember your mother’s phone number. Although not much research has been done on this front yet, using yet another piece of software to do the heavy lifting for you cannot be great for your mental capacity and overall cognitive abilities.
Like your muscles, to keep your brain in top shape, it needs to be exercised, and using software to remember passwords is another way humans have become lazy.
Pros and Cons of Password Management
Pros:
- Humans can be unreliable as they can come up with bad passwords, forget their password, or are genuinely disinterested in security. With a PM there is no need to worry about remembering all your different passwords.
- Using the same credentials for each account is dangerous as it creates one point of failure.
- Good password managers encrypt all your personal data in case someone hacks the PM software directly; the hacker might get your passwords but they won’t know who the passwords belong to.
- PMs can keep you up to date with the latest breaches and advise you if any accounts may have been affected/hacked.
- Can use offline password manager (not stored on the web/not a web browser plugin).
Cons:
- Single point of failure – if someone gets hold of your master password, they have all your passwords.
- Password manager programs are a target for hackers.
- It’s not easy to login using multiple devices.
- If the main password is used/typed/saved on a computer with malware, your main password can compromise all your other passwords controlled by the PM – all your passwords are only as secure as your master password.
Conclusion
While password managers may be convenient, they also have their risks and drawbacks. We aren’t saying that you shouldn’t try using one, but please exercise the utmost caution.
Ingrid Maldine is a business writer, editor and management consultant with extensive experience writing and consulting for both start-ups and long established companies. She has ten years management and leadership experience gained at BSkyB in London and Viva Travel Guides in Quito, Ecuador, giving her a depth of insight into innovation in international business. With an MBA from the University of Hull and many years of experience running her own business consultancy, Ingrid’s background allows her to connect with a diverse range of clients, including cutting edge technology and web-based start-ups but also multinationals in need of assistance. Ingrid has played a defining role in shaping organizational strategy for a wide range of different organizations, including for-profit, NGOs and charities. Ingrid has also served on the Board of Directors for the South American Explorers Club in Quito, Ecuador.