Different types of password managers and their uses for work

Most of us hate registering accounts and even more hate creating passwords. And, probably, this could be the primary reason we re-use them many times when creating new accounts. This easy method will help us solve our problem at one end – registration. But, it will open a new problem – a security threat. However, we can address both the issues with a PASSWORD MANAGER. 

Now, what is it actually, and how does it help us with password management. Let us now walk through such things. 

What is a password manager?

It is a program that lets us generate and store all our passwords in a safe place. Most of these allow us also to store credit card information besides secure notes. They even support biometric data (face and fingerprint) instead of our master password for added convenience and security. We can even share desired information with our colleagues, friends, and family. To disseminate, we need not even copy-paste the password in a message or email. 

So, what do all these mean for us? The ease of securing and sharing a password. That too, not by remembering every password information for all the sites we use but with just a single password for our password manager. Also, thanks to the autofill and autosave features, we can easily connect to all our accounts.

How do password managers secure our passwords?

There are numerous ways to classify password managers. Nonetheless, let us only look into the three most used technologies and see how they work for us. We should even keep in mind that a few providers provide multiple ways to our data. Most of them will require you to use a master password that protects your vault.

Here are the three kinds of password managers:

• Offline or locally installed password managers
• Online or web-based password managers
• Token-based or stateless password managers

Let us see each of them in detail to determine what goes best for our needs and organization type. 

Offline or locally installed password managers:

We can guess it by name. These are locally installed password managers, even called offline password managers. They store our data on our preferred devices such as computers or smartphones. We can find the passwords in an encrypted file, separated from the password manager itself. Some of them also let storing every password in a separated file, significantly boosting overall protection.

As always, we require a master password to log into our offline vault. If we have a strong password, there is less scope for governments or hackers to break into the local database. That is because brute-forcing military-grade encryption needs a considerable quantity of time. What is more, if we keep that gadget with all passwords offline, there is no chance to access it without taking it.

Offline password managers naturally have some innate defects. For beginners, accessing them on several devices could be challenging. There is only one site, and other appliances have to sync with the one that has the vault somehow. It, basically, means having the device with the locally seated password manager online, making it accessible to third parties. Eventually, if the gadget with the offline password manager crashes and we have no backup, we should be prepared for some tiresome manual toiling.

If we have a locally installed or offline password manager, our passwords are stored locally! More specifically, it is the device we have chosen for our vault. However, there is a chance to synchronize the passwords between numerous devices, which signifies that they should be online. If we want even more protection, we can save our passwords on multiple files, necessitating an individual key for each.

Pros:

• Eradicates the chance that somebody will breach our password vault
• Usually, it is a free service

Cons:

• We can access our locker on only a single device
• In case we lose our stored gadget, we lose the vault

Online or web-based password manager services:

These are, by far, the most widespread ones. These store passwords online, which are generally the providers’ servers. Such a setup means that we can access our passwords anytime and anywhere without installing the online password manager software. If accessing our vault through a web application is impossible, we only require a mobile app or a browser extension.

But how do we know if the passwords are not handy to the providers? Well, all reputed online password management companies use zero-knowledge technology. It indicates that they will encrypt our data on our devices before sending it to their servers. It also suggests that our vaults are available for access attempts to third parties 24/7. What is more, all safety measures imply nothing if there is a keylogger malware on our devices, and we are not using two-factor authentication.

Ultimately, we should be ready to spend for an online password manager. There are excellent non-paid versions to pick from, but a few attributes such as dark web scanning or device limit will always come with only payment. Said this, it is not that many paid online ones will dent our banks, especially if we commit long-term.

Chances are we opted for the online (or web-based) password manager. In this case, online storage stores our passwords. Our vault is on the provider’s server, available round the clock from anywhere as long as we have the master password. We do not even require installing the password manager client – the majority of the time, a browser extension will do the trick. We can sometimes access the vault through a web application available on the provider’s website.

Pros

• We can sync our vault across all our devices
• Usually, it will be paid service

Cons

• We need internet connectivity to authenticate 
• The storage of our credentials is in an undisclosed location

Stateless or token-based password managers:

The last one on the list is the token-based or stateless password managers. A local hardware piece, like a flash USB device containing a key to unlock our particular account, is present in this setup. There is even no such thing as a password vault as the password manager develops them anew every time we log in. For extra security, we suggest using not only the token but a master password too. This way, we can implement two-factor authentication.

Stateless password managers do not need synchronization between devices as there is no database in the first instance. In a way, that is also safe as there is no place where a hacker can find all the passwords. However, one can hack token-based passwords if one knows the account and the master password.

Opposite to online password managers, these are generally free and open-source. This is why inexperienced users are explicitly advised not to go for this. All the aid they get will be from knowledge bases and forums. On top of that, we need a USB stick or a smart card reader for token generation.

And if we are using a token-based password manager, our passwords are kept nowhere! How can this be so? As we know from the name itself, there is no password vault, only token generation whenever we access a specific account. One can generate a token from an external device, like a USB stick.

Pros

• Our credentials are stored using a separate gadget

Cons

• If we lose our device, we lose our access
• Usually, this method needs proprietary software and hardware

All said and done, be wise to choose such a password manager from the three that suit your needs and budget.