PASSWORD MANAGERS FOR SECURE PASSWORDS

We all have dozens of accounts for our email, social media, web applications and accesses to business accounts. Providers recommend or even require us to use “strong” passwords, consisting of a long sequence of numbers, letters and characters. In order to minimize the damage in possible future cyberattacks, we use different passwords for all of our accounts. The result is a vast number of passwords that we cannot possibly remember.

There is an intelligent and secure solution for this: A password manager. All passwords can be stored in a virtual safe. Access to all passwords and accounts is provided by a single master password.

We strongly recommend using a password manager for private and business purposes. The following solutions are in use at Glue:

THREE OF THE BEST PASSWORD MANAGERS

We compare the three password managers 1Password, KeePass and LastPass. All are compatible with Windows, Mac and Linux and have Apps for Android and iOS. The browser add-ons that are offered are extremely practical and allow users to utilize the full range of functions. All three password managers can be used in German. For additional security, they also offer two-factor authentication (2FA).

1Password is very popular, even some of our Glue employees use it privately. In addition to the basic functions of a password manager, it scores with password sharing, storage of identification data, secret notes and other extras. The app and the browser extension are designed very intuitively and have a high usability. Passwords can be stored locally or in the cloud. However, the encryption always happens locally and not over the Internet. Unlike its competitors, 1Password is not free; users pay around CHF 36 per year. (more at: www.1password.com)

KeePass is an open source password manager. It addresses a target group that has a technical affinity, appreciates high flexibility, tends to distrust cloud providers and does not want to make any compromises in terms of security. Since KeePass works offline, users have to get by without password sharing functions. Those who are willing to learn more about KeePass and have no problem doing without a first-class design and high usability will be rewarded with one of the most secure and adaptable password managers. (more at: www.keepass.info)

LastPass is the only one of the three password managers that does not require a desktop application, is very easy to use and has a few extra features. The extensive free version also includes password sharing, which is often a decisive factor, especially when working in teams. In the past, there have been some security vulnerabilities; the manufacturer has responded with controls and processes that achieve compliance with SOC 2 Type 2, the “gold standard” for security and reliability. LastPass also provides increased security for end users with an integrated password generator, warnings for insecure passwords and support for multi-factor authentication (MFA). (more at: www.lastpass.com)

Conclusion: All password managers ultimately have their advantages and disadvantages. Unfortunately, no software today offers 100% protection, but one thing is clear: Choosing a password manager is much more secure than writing everything down on sticky-notes or using the same password everywhere.