What Is a Password Manager?

Next story

With so many of our everyday activities now taking place online, the number of online accounts you have to juggle can be overwhelming. In theory, no one wants to get their online accounts hacked, especially when their personal information is at stake. In practice, however, Singaporeans are largely careless with online password security, with 50-70% of them using the same password across multiple online accounts.

Now that working from home and outside the safe confines of the office intranet is the norm, the number of passwords you need may have significantly increased. If even one of those accounts is compromised in a data breach, it doesn’t matter how strong your password is, hackers can easily use it to get into your other accounts.

The safest method to save them, however impractical it sounds, is to memorise all your passwords. But with password measures being ridiculously complex (passwords should be long, contain an uppercase letter, a number, and a special character), memorising all of them can be a tough task. The solution is to offload that chore to a password manager, which offers a safe vault for all your passwords across all your online accounts.

What is a password manager?
Despite the increase in data breaches, Singaporeans still practise poor password hygiene and are in the habit of storing their passwords on a computer, writing them down, and using the same passwords for both work and personal accounts. 

The overarching reason behind such behaviour is the difficulty of generating and remembering strong passwords. However, you can ease this burden by automating both those tasks with the help of a tool called a password manager. A password manager can provide a secure, automated, and digital way to both generate strong passwords and save them for you. It can generate a strong, new password whenever you create an online account or are trying to change a password, as well as store your passwords securely.

Password managers don't just stop there. They also come in handy for storing other vital and sensitive information such as credit card information and bank details. All users have to do is store all this information in the password manager and secure it with one master password, similar to a master key.

Why do you need to use a password manager?
Passwords are stolen and guessed all the time. In fact, a variant of the malware Mirai unsettled Singaporeans in 2019 by targeting system vulnerabilities through brute-force attacks, a method where hackers try out various combinations of usernames and passwords in an attempt to correctly guess yours.

That's not all. Singaporeans are also experiencing a rise in phishing scams on websites and emails where threat actors try to trick them into handing over their password. Although websites are meant to scramble your passwords whenever you enter them, not all websites use strong algorithms to do it, which makes it easier for hackers to unscramble your password.

This is where password managers can help you by generating long and complex passwords that are infuriatingly tough for hackers to unscramble. Apart from that, password managers also relieve you of the daunting task of remembering multiple different passwords for your online accounts, and protect you from harm arising from a data breach, acting as a powerful way to keep out hackers.

Password managers also provide autofill options that allow you to obscure your passwords from onlookers and prevent credential stuffing attacks, where hackers use your user login details stolen from other less secure services or sites to log into other sites in hopes of gathering sensitive or personal information that can be used in other scams or attacks.

What makes a password manager safe?
Password managers enable users to practice good security hygiene by making every password unique and sufficiently complex. However, the underlying reason is that password managers, such as the one in ESET Smart Security Premium, make use of what is known as the zero-knowledge security model. What zero-knowledge security means is that while the password manager tool knows your passwords, the organisation that made it does not.

This model comprises 3 layers, namely the encrypted data of the users, the tool's password (which is not stored on the system), and the security key. These layers of defence all rule out any exposure to passwords and greatly reduce the risk of a password being stolen or being obtained by a cybercriminal. To learn more about password managers, click here.