Are your passwords safe?

See if your passwords have been leaked on the dark web by activating ClearScore Protect for free now.

See your stolen passwords

Why use a password manager?

Password managers can make your life easier, and your information safer.

07 May 2020Andre Spiteri 3 min read
Woman on laptop with orange cardigan and bracelets
Image by Christin Hume on Unsplash

Are your passwords safe?

See if your passwords have been leaked on the dark web by activating ClearScore Protect for free now.

See your stolen passwords

How do you remember your passwords? The average internet user has 27 accounts. Which means 27 passwords to remember.

Luckily, you don’t have to commit them all to memory. There are password managers for that. These are apps that keep your passwords organised and store them securely.

There are two good reasons to invest in a password manager.

Firstly, they encrypt your passwords, which means they’re scrambled and can’t be understood without a special key. This is safer than storing them in a document on your computer, or on a piece of paper you could misplace.

The best password managers use 256-bit AES encryption, the encryption standard used by the US government. There’s a 1 in 115 quattuorvigintillion chance someone could make sense of the scrambled data. Quattuorvigintillion is a 78-digit number — more than there are atoms in the whole universe.

Secondly, you only have to remember one password (the password manager’s password, or master password). This means you can make all your passwords as complex as possible without having to worry about remembering them.

Password managers also have other advantages:

  • They autofill login fields for you, so you don’t have to type anything. It’s quicker, easier, and protects against keyloggers.
  • Many have tools you can use to assess how secure your passwords are and change weak ones
  • You’ll get regular updates about possible security breaches so you can change passwords and keep your accounts secure
  • You can share passwords with family and friends through the app. This is safer than giving them out over the phone or by text

Are there any downsides to a password manager?

Good password managers are quite secure, because of strong encryption. But there’s a weak link. Your master password can still fall into the wrong hands. For this reason, it’s worth making it as complex as possible.

Most password managers will let you log in using Touch ID or Face ID, so you don’t have to remember the master password. Just make sure you store it somewhere safe, like the bottom of a locked desk drawer.

It’s also worth setting up two-factor authentication. This adds an extra layer of security to your account. Alongside your password, you’ll need a random, one-time code to log on.

If you google ‘best password managers’, you’ll find the following four apps on most lists:

All are fine choices. That said, you may be nervous about picking one at random. To help you narrow things down, we’ve partnered with 1Password to bring you an exclusive offer on a password manager. As a ClearScore user, you’ll get 25% off the first year with 1Password.

Next step: save 25% on your first year of 1Password with ClearScore. Claim your offer now.

Or if you’d like to do your own research to find the right password manager for you, here are three things to consider.

1. What’s their encryption model?

Most major password managers are cloud-based. The good thing about this is that your passwords sync across devices, so you’ll have them whether you’re on your laptop or your phone.

The flipside is that, for this to work, they have to store some data on their servers, and servers can be hacked.

The best password managers use zero knowledge encryption. This means they only store scrambled data on their servers. They won’t know and won’t have access to your master password.

So if a hacker manages to access the password manager’s servers, they won’t be able to make sense of the data. LastPass, Dashlane, and 1Password all use zero knowledge encryption.

KeePass isn’t cloud-based. This means there are no servers to hack. The trade-off is that it’s less convenient, because it doesn’t sync across devices automatically.

2. What other security features do they have?

Zero knowledge encryption is a good start, but it’s not a silver bullet. Your master password can still be hacked, so you should pick a password manager that’ll protect you from this risk.

The very best password managers have two-factor authentication. They’ll also:

  • Automatically log you off if you’ve been inactive for a while, so no-one can get in when you’re not looking
  • Ask you to retype your master password or an authentication code every so often to confirm your identity
  • Allow you to change account passwords straight from the app
  • Back up your password data, so you can restore it if something goes wrong

3. What’s their reputation?

Is your choice reliable? Or does it have a history of data breaches and hacks? Googling ‘[password manager] + hacked’ is a quick way to find out whether the password manager you’re thinking of using is as safe as its marketing materials say it is.

Some password managers have gone the extra mile and commissioned security audits. This means independent experts have checked the app for flaws and confirmed it’s safe.

If you want award-winning protection, 1Password is regularly featured in lists of the best password managers around. They scored top marks in usability, security measures and privacy practices, according to Consumer Reports, making them a great choice if you’re not sure where to start your search.

Andre Spiteri Image

Written by Andre Spiteri

Financial Writer

Andre is a former lawyer turned award-winning finance writer.