Regular readers of this blog know that I’m not a fan of password managers because using one is like placing all of your eggs (i.e. your entire digital life) into one fragile basket.
Think about it for a moment. If the passwords to all of your online accounts are stored in a single database, what happens if that database is somehow breached by hackers?
That’s right – the hackers will have immediate and full access to your entire digital life!
The companies behind the most popular password manager apps and services go to great lengths to explain how their products safeguard your passwords and the precious stored data and information they protect.
Truth be told, they really do put in a great effort to make their products as secure as possible. Unfortunately, that doesn’t really matter. Here’s why…
There have been several incidents recently where various password manager solutions were either breached outright or flaws in the software would have made a breach possible had they not been discovered and patched.
And as recently as 2017 the popular online username and password management service OneLogin was successfully hacked.
According to this post on OneLogin’s blog the hackers might possibly have decrypted the site’s sensitive customer data, including their stored login information.
I’ve said it before, and I’ll say it once again: Password managers aren’t as secure as most people believe them to be.
After all, they are software products at their core, and all software products have the potential to be “buggy” – and thus potentially breached by hackers.
If a single app or online service is storing all of your usernames and passwords, it’s easy to figure out what would happen if that app or service were to get hacked.
Now all of the above being said, there’s yet another reason why using a password manager app is a bad idea: If you forget the master password or otherwise get locked out of your account, you’ll be unable to log in to ANY of your online accounts unless you’re able to reset those passwords on their respective websites.
That’s why I recommend skipping password managers altogether and using strong, yet easy to remember passwords instead.
Bonus tip: After you have your passwords squared away, I recommend that you also enable Two-Factor Authentication on every account that supports it to lock those accounts down tight.
Never miss a tip! Click here to sign up for my free Daily Tech Tips Email Newsletter!