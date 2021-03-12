Almost everyone uses weak passwords: Every year, “123456” is established as the most used password in the world. But in 2021, sticking with this mindset is suicide of our personal data. To solve this there are personal key managers. That, it is worth clarifying from the beginning: they are not infallible, but they are a starting point for protecting sensitive information.

The “password managers” are programs that manage all our keys in one place, remember them for us and even us suggest very complex combinations of characters that we don’t have to remember. With having the master key or our fingerprint, it is enough to access all our data.

“Password managers have a great advantage: they facilitate the task of ‘remembering’ the passwords by one, which enables the possibility of using a different password, unique and even difficult to memorize, for each service that we use and require it”, explain to Clarion Iván Barrera Oro, alias Hack, software developer specialized in computer security.

But of course, the objection arises immediately: Is it good to have all your eggs in one basket?

Weak passwords – A more common problem than you might think. Photo Shutterstock

“Of course, they can be considered a potential security problem: now all our passwords are in one place, and whoever has access to it could digitally impersonate us. Or, on the other hand, if we forget the password we use, we could lose access to all our keys! And with it our digital identity ”, he explains.

Indeed, there is no categorical answer on whether to use them or not, especially if we take into account a maxim that reads: the easier it is to use, the less security we will probably have guaranteed.

“On the one hand, it is impossible to say that a software is inviolable without a defined framework: even if the database was impossible to open without the correct key, a software bug could allow access to the data when it is opened by the user, for example. Or an implementation error or misuse of the encryption algorithm in an incorrect mode could allow the database to be opened even without the relevant password, “explains the specialist.

“Information security is a very complex field and demands answers that rarely go to the point. Normally, instead of speaking in absolute terms, the use of more precise terms is preferred: complies with such or such security mechanisms, has security against certain defined types of attacks, etc. Everything else is usually marketing“, he clarifies.

“In my opinion, yes: I recommend using password managers. The advantage of being able to easily secure all the services we use with the convenience of having to remember only one password outweigh the disadvantages. Of course, you should take the rnecessary guards and appropriate for the case: have backup copies of the data of our manager, in order not to lose access to them; use a unique and strong password to protect this data and that it is not accessible by others; do not use it on other people’s computers ”, argues the specialist.

Therefore, here, the best options for 2021, in their paid and free versions.

Tip for paid versions : many services, if you start to register for the paid version and we leave it in the middle, then they send an email with an offer so that we can complete the process. Thus, in many cases, you can pay less for the first annual subscription.

Keeper

Keeper it is one of the most popular. Although its “military encryption” is a bit of a marketing move, it is secure like any other. It also has some cool features.

A good plugin for browsers that facilitates logins, an optional option for secure file backup and even a test of our existing passwords to check if they have been violated.

Its free version barely allows you to use the most basic: the “vault” with all the saved passwords, generation of passwords (example: lnBPBKfsS7xYK10l $ uJ!) and some other functions.

To be able to open the “vault” from any device you have to pay $ 39 per year (plus taxes).

KeePassXC

KeePassXC It is free and multiplatform software. Like most, it allows auto-completion of forms and export and import of the database.

It also allows the use of various protection mechanisms, such as password or token / physical key. “The data is duly protected on-rest, that is, while the database is closed, through encryption and authentication, it is secure,” explains Hackan.

Is 100% free.

Dashlane

Dashlane complies with all basic functions plus the option to connect to a VPN, that is, a private network.

It has a check of compromised passwords not only in our services but also in the so-called “dark web”.

It costs $ 39 plus tax in its paid version.

Bit Warden

BitWarden allows, in addition to managing passwords, function as a two-step authenticator. Just like Google Authenticator does, for example, but we can choose to add it to whatever password or service we use.

In its favor, it is one of the ones that offers the most options in its free version.

And, in addition, it is one of the cheapest: there is an option of $ 10 per year.

1Password

It is one of the most intuitive: its interface is quite simple.

As a counterpart, its browser extension is a bit bad and also does not allow “inherit” passwords that we have been using, so you have to load everything from scratch.

1Password is compatible with a large number of browsers and operating systems

LastPass

Like Dashlane, LastPass it also checks for compromised passwords on the dark web.

It allows you to inherit passwords and, in any case, change them to a more secure one suggested by LastPass.

It is limited to one device without paying.

So which one to use?

Login: the critical moment of credential theft. Photo: Shutterstock

The answer is not definitive and is even very personal.

Hackan explains: “If I had to recommend, I would probably recommend that readers run tests with different managers and evaluate on their own which one has been the best for them, perhaps using the following questions as a guide”:

– only I have access and control of my data?

– Does the application allow me to change, migrate or cancel the service?

– is it easy to use, and can I mostly understand what is going on?

– does it work on all my devices?

– does it work or does it integrate easily with my browsers?

– Do you have various mechanisms to protect my information?

“It is likely that many services do not test positive for these questions first, but it does not necessarily imply that they are bad, since on the contrary they could be convenient. In general, all managers that are cloud services fail the first and second questions, but they could function as a gateway to the use of managers ”, concludes the specialist.

Anyway, with or without password manager, it’s time to bury, once and for all, “123456”.

SL