Are password managers a single point of failure? This is a question that gets asked by many new people to password managers.
With all the data breaches happening it’s no wonder people are concerned about using a password manager.
However, as long as you have a strong master password and enable two-factor authentication (2FA) on your account, your data will be safe. Password managers are the best way to store your passwords and keep them safe.
In this post, we’ll go over why you should use a password manager and why it being a “single point of failure” is not entirely what it seems!
What Is a Password Manager?
A password manager is an app that helps you manage your passwords in a secure way.
You can store all your passwords in one place and access them with one master password.
Password managers are great because they help you create strong passwords, store them securely, and autofill logins for you.
With the average person having over 100 internet accounts, which is 100 different passwords, having a password manager is becoming a must these days.
Why Should You Use a Password Manager?
There are many reasons why you should use a password manager or also call password vaults. The first reason is that it’s better than reusing the same or similar password across multiple accounts.
Password reuse is such a huge problem, it’s the most common way people get “hacked”. If one of your online accounts gets breached and the password leaked, the hacker will have access to all of your other accounts if you’re using the same password.
With the average person having over 100 internet accounts you can see how one password getting leaked can lead to a lot of other accounts getting hacked too if you reuse the same or similar passwords.
Another reason to use a password manager is that it’s more convenient than having to remember all your passwords. It’s not sane or possible for a human to remember 100 unique passwords but a password manager can.
Lastly, password managers can autofill forms for you so that you don’t have to type or remember all your credit card information or addresses.
Let’s not forget that password managers are for more than passwords. You can share items with other people, so they know the gate code, shared addresses, emergency contacts, warranty information and more.
How to Keep a Password Manager From Being a Single Point of Failure?
The best way to keep your password manager from being a single point of failure is to pepper your important passwords.
If you pepper your important passwords, even if someone got in your password manager, they would not know the whole password.
With peppering, you can have your cake and eat it too! There is no good reason to not use a password manager these days especially when there are so many things needing passwords.
But we’re not done just yet, there are a few more things you should do to keep your password manager account secure.
You Need a Good Master Password for Your Password Manager
What makes for a good master password?
A good master password is 4 or 5 randomly generated diceware words.
Don’t let the word “diceware” scare you, it’s just simple words in a list that is often used with dice to create a passphrase. A passphrase is exactly like a password, but has multiple words.
The process to make a good master password is super simple, we have an easy-to-follow guide here.
Turn On Two-Factor Authentication (2FA) Too!
You should also enable two-factor authentication (or “two-step verification”) on your password manager account. This adds an extra layer of security in case someone gets your master password.
With two-factor authentication enabled, even if someone has your master password, they cannot log in to your account unless they also have physical access to your 2FA device.
Your master password is something you know, and your 2FA is something you have. It’s much harder to steal the thing you have compared to the thing you know, this is why 2FA is so vital and why using both for a password manager is a must.
Write Down Your Master Password and 2FA Recovery Code!
This may seem counterintuitive since a few people are against writing passwords down for outdated reasons, but hear us out.
If you have your master password and two-factor authentication recovery code written down and stored in a safe place, then you have a backup in case you forget or lose either one.
Since your master password is used to encrypt the data in your vault, forgetting it means you lose everything in your vault. This is a feature, if the password manager company could reset your master password, then it means they know your master password, and if they know your master password, then anyone who hacks them would also know it too. You can always change your master password later if you know it, but if you forget it, you can’t reset your master password.
In the section where we give you a link that shows you how to make a master password, it also doubles as the emergency sheet that you can print out and put this information on. We highly suggest you print out this emergency sheet, write down your master password and recovery code, and keep it somewhere safe in your home.
Why Is a Single Point a Good Thing?
Far too many people think that a single point of failure is a bad thing for when it comes to password managers, but they never realize how it can be a good thing for many situations.
If you’re “keeping all your eggs in one basket”, you have one single thing to watch out for and can heavily secure it. Instead, what far too many people do is spread their attack surface far and wide by reusing passwords, so they end up with multiple points of attack, which is far worse than one strong single point.
Another reason a single point is better is for sharing passwords. With many password managers, you can share passwords with other people like family or co-workers, so they don’t need to keep asking for the Netflix or system password. And when you update that password, it shows up for them.
The last reason is if something were to happen to you or someone you care about. Keeping your passwords in a secure and safe location is very vital in an emergency where you’re not conscious or have passed on. Being able to pay rent, electric, water, and so on is often behind a password and in stressful situations having a single place to look can’t be understated.
What if You Still Don’t Trust Password Managers?
If you still don’t trust password managers, then the next best option is to use a password book.
A password book is a physical notebook where you write down all your passwords.
The obvious drawback to this method is that if someone gets their hands on your password book, they have all your passwords. Though, someone finding your password book in your home is a lot harder than an online vault available to anyone with an internet connection. And you can also apply the peppering technique to the password book too!
The real drawback to a password book is that they don’t generate the passwords for you like a password manager would. As talked about earlier, password reuse is the biggest threat people have when it comes to their online security.
To help solve this problem, we’ve created a password generator that makes 200 unique passwords that you can print out and use, along with using it as a bookmark for your password book.
Another drawback to a password book is that they’re far harder to keep organized. People are naturally lazy, and you may start out well, but in a rush you may get sloppy, and the password book turns into a mess.
If you can use all unique passwords for every account and can keep organized, then using a password book will be good enough.
At the end of the day, the best way to keep your passwords safe is still using a password manager with a good master password, two-factor authentication enabled and storing the emergency sheet with your master password and recovery code in a safe place.