What does a password manager do?

For readers in a hurry:

• A password manager generates, stores and manages complex passwords for various online accounts securely and accessibly.
• It offers advanced encryption to ensure the security of sensitive information, even if data falls into the wrong hands.
• Password managers automatically recognize when access data is required and offer options such as two-factor authentication for additional security.

Why are secure passwords important?

Secure passwords are crucial to protect personal data and online identities from unauthorized access by hackers. A strong password is therefore the first line of defense against potential cyberattacks and data misuse. By using complex and unique passwords, users can prevent their confidential information from being compromised.

Using insecure passwords - i.e. passwords that are easy to guess - and reusing them for different accounts significantly increases the risk of identity theft. It is therefore important to follow password security best practices and use complex passwords consisting of a combination of letters, numbers and special characters. Of course, such passwords are almost impossible for a person to remember. They should never be written down on a piece of paper. Writing them down unencrypted on a PC is also out of the question. This is where a password manager helps users to generate secure passwords and keep them safe.

What does a password manager do?

A password manager is an application designed to generate complex passwords, store them inaccessibly to third parties and manage them securely. It allows users to securely store their access data for various online accounts and access them conveniently via the password manager. These protected data containers for various passwords can be stored either in the cloud or locally on the device. Well-known password managers include Dashlane, LastPass and KeePass.

In addition to password management, password managers also offer the option of generating secure and unique passwords. The creation and management of passwords becomes more secure and efficient, as users no longer have to remember the multitude of their existing and ideally complex passwords for online stores, online banking access or web services.

By using sophisticated encryption methods, password managers ensure that data is protected even if it falls into the wrong hands. This ensures the security of sensitive information and protects users from unauthorized access.

How does a password manager work?

A password manager allows users to store all their passwords securely in one central location without having to remember each one. The user only needs to enter a previously defined master password to access the encrypted data vault. This master password serves as the key to unlock and retrieve all stored access data. The way it works is as follows:

• Creation of an encrypted file ("vault"). All existing and future user names, passwords and other login details are securely stored in this file.
• A secure and unique password can be generated automatically for each newly added account during the initial registration.
• Only the master password or a passkey is required for the user to access saved access data. You can find out more about passkeys and their differences to passwords in our article "Passkeys - the better passwords?"
• Once the master password or passkey has been entered, the saved login data is automatically transferred to the login screen when a website requiring login is accessed.
• Services such as ProtonPass in conjunction with ProtonMail even make it possible to create unique e-mail addresses so that the user also has to disclose their "real" e-mail address to log in to services. This means that both the user name and password are unique.

How does a password manager recognize whether a password is required?

A password manager automatically recognizes when the user visits a website or opens an application that requires access data based on the information in the website or calls in the desktop application. Based on the previously saved login information, the password manager identifies whether there is a suitable password in the password vault that can be used for the login.

Personal settings make it possible to define which websites should save passwords and which should not. In this way, users retain control over which access data is saved in their password manager.

In addition, many password managers support two-factor authentication (2FA) to further strengthen account protection. This additional level of security requires another form of authentication in addition to the password, such as an SMS code, a fingerprint scan or an application on a mobile device such as Microsoft Authenticator.

Types of password managers

The main difference between the password managers on offer is whether the password data is saved in a cloud storage or in a local storage.

Password managers with cloud storage save the password data on a remote server, which is usually operated by the provider of the tool. This enables convenient access from different devices and facilitates the automatic synchronization of password changes. However, there are security concerns regarding potential hacking attacks or data leaks in the cloud.

In contrast, password managers with local storage save the data exclusively on the user's device. This offers a higher level of security and data protection, as the passwords are not accessible via the internet. With local storage, there is also no dependency on an Internet connection. However, the up-to-dateness of the data on the local storage may be limited as there is no automatic synchronization between different devices.

Advantages of using a password manager

The use of a password manager offers many advantages. The centralized management of passwords increases security as users can use strong and unique passwords without having to remember them. The automatic entry of passwords saves time and minimizes human error when logging into accounts on different websites.

As most password managers store the data in the cloud, users can also access their access data on the move from anywhere. In addition, most password managers are cross-platform and can be used on different devices such as desktop, tablet and smartphone.

Another advantage of using a password manager is the ability to generate secure passwords that comply with current best practices for password security. This feature also protects against keyloggers or other types of malware that could intercept user input (phishing). The passwords generated by the tool take into account the requirements for secure passwords such as length, upper and lower case, numbers and special characters to ensure the highest level of security.

Furthermore, most tools have the function of recognizing weak or previously used passwords and alerting the user to these potential vulnerabilities.

Disadvantages of the password manager

Although a password manager offers many advantages, there are also some disadvantages to consider. For example, there is a risk that the user's master password could be compromised, potentially allowing access to all stored passwords.

Another aspect is that password managers may not work offline on all devices. This can be problematic if the user does not have Internet access but still wants to access their stored access data.

Some users may also have security concerns if their passwords are stored in a database, even if they are encrypted. Reliance on a password manager therefore carries potential risks that need to be carefully considered. It is worth considering keeping a hard copy or digital copy (only) in a safe.

Are browser-based password managers sufficient?

Popular browsers such as Google Chrome, Firefox and Microsoft Edge already have an integrated password manager. These allow users to save their login details for the websites they visit and enter them automatically the next time they visit a website.

Unfortunately, these browser-based password managers do not offer the same level of security as dedicated password managers. They store passwords unencrypted and are more susceptible to hacker attacks. It is therefore advisable to manage security-critical passwords with dedicated password managers and only use the browser password manager for less sensitive logins.

Conclusion / Outlook

A password manager is an indispensable tool for protecting personal data from cyber attacks. It securely generates, stores and manages complex passwords and enables convenient access to various online accounts. Thanks to sophisticated encryption methods, it offers protection even in the event of a data leak. Despite some potential risks, the advantages outweigh the disadvantages, especially when compared to browser-based solutions.

About Business Automatica GmbH:

Business Automatica reduces process costs by automating manual activities, increases the quality of data exchange in complex system architectures and connects on-premise systems with modern cloud and SaaS architectures. Applied artificial intelligence in the company is an integral part of this. Business Automatica also offers automation solutions from the cloud that are geared towards cyber security.