In an earlier article, we talked about what password managers are and how you can use them to make logging into online accounts easier. (Click here to read that article).
Today, we’ll talk about what you need to look for when choosing a password manager.
At the top of my list would be two-factor authentication. That means if someone tries to access your account, they’ll have to input not only your password but a special code sent to your phone or email. So, even if someone were to get their hands on your password, they still couldn’t get into your account unless they had your phone or that email address. In addition, I also suggest enabling two-factor authentication on all of your online accounts if it’s available. (You can click here to learn more about it.)
You’ll also want to make sure your password information is encrypted, although all major password managers offer that. That means that even if someone got into their servers, your information is stored in a code that can be translated without the encryption key. (which is literally a digital key used to unlock your password). Look for a service that stores that key on your device and not in the cloud.
And while this sound counter-intuitive, you may want to go for a password manager that does not allow you to recover your master password if you forget it. Because if you can recover it, it’s possible a crook can use the same process to steal it.
Another feature to look for is a password manager that allows you to designate a legacy contact to receive your password information in the event of your death.
A reader had asked earlier about my opinion of Kaspersky’s password management app. It’s a perfectly adequate password manager, though it doesn’t have quite as many features as some of the more well-known password apps like Roboform, Dashlane, and LastPass.
If you’d prefer a password management app that doesn’t store your information, consider this non-digital alternative called PasswordCard (Click here to read about it.)
And there’s always a good old-fashioned notebook. While that can’t be hacked remotely, it can be lost, stolen, or damaged. And unless it’s under lock and key someone might pick it up and read it. And you can’t access it unless you have it with you.
Cyn, related to this is the two-factor authorization, and here’s a thought. I avoid sending the verification to my email, since the device that is home for my browser is also home to my email. If someone should get in to my place, they would have access to both. I would have my cell phone with me.