Password managers make it quicker for you to log in to sites because they remember your passwords and can automatically log you into websites.
Another advantage of a password manager is that it is simple for you to use different passwords for every website. If a bad actor ever discovers your password for one site, they can use a technique called credential stuffing to try the same password at other sites too. If you’ve reused the password, then the attacker will gain access.
Some password managers synchronize passwords between multiple devices, including phones and computers. Some password managers come with added features. Some people consider the added tools bloatware. If there is a feature you don’t need, see if there is an option not to install that feature. A password manager needs to use plugins for users’ browsers, so that’s a given. Stuff like VPN offerings aren’t always beneficial, and sometimes installing additional programs creates “one more thing that might go wrong” or “one more program an attacker can attack” on the computer or phone.
Which password manager should you choose? You might already have a favorite. If not, consider asking your IT Professional for their input. If you use the one they like the best, you’ll know they’ll be able to help you if you have a question later. If a product forces you to install added software and you have no option to opt-out, consider a different password manager.
If you read reviews, many reviews weigh “free” heavily into their weighting. I know I’m willing to pay to get the best product and understand that companies need to make money to survive.
Of course, as always, I strongly encourage you to use some form of two-step verification in addition to the password. If the website provides the option to “Remember this device” so you don’t need to go through the second step as often, then logging in the second time should be almost seamless for you if you have a password manager.
What is the most significant risk of using a password manager? People immediately think of how attackers might break into the password manager to steal the passwords. With the modern technology to protect the password vault, it is more likely an attacker will steal your passwords out of your browser if you’ve told the browser to remember your passwords. To feel better, you might choose to memorize passwords for your bank and other sensitive passwords, but use your password manager for less risky logins. If you use a two-step login, you’re still protected by the second step even if an attacker discovers your password.
Perhaps the most significant risk of using a password manager is that attackers might somehow infect the company that writes the software and use the program to attack your computer. Attackers taking control of a widely used and trusted program is known as a supply chain attack and is what happened at Solar Winds, Log4j, CCleaner, and other high-profile breaches.
Passwords do not always stop attackers. They get into computers and wait for the user to enter the passwords for them: https://fosterinstitute.com/how-attackers-bypass-your-password-protection-even-if-you-use-two-step-login/
Please forward this to your friends so they know a password manager can speed up their workflow.