Password managers, like any type of software, are not all created equal. What are the key security features that you should consider when selecting a password manager?
Given the number of different sets of login credentials we need, especially online, managing strong password policy for your entire computing life may feel like an insurmountable challenge. There are some tips and tricks that may be used to ease the procedures of secure password managment, however. A rough approach that many use involves nothing more than maintaining a text file full of passwords that is kept encrypted, so that none of the passwords stored in the file ever really needs to be memorized. They are all accessible by way of a single password, which is used to decrypt the file's contents when a password is needed.
Such an approach is a bit clunky for many, however. Smoother methods of managing passwords securely exist, most commonly in the form of a type of program known as a "password manager." Numerous examples of such tools exist, of varying quality and effectiveness. Different people have different needs, and the plethora of options ensures that something "close enough" to one's needs is almost certainly available. Even failing that, there is always the option of just using an encrypted file.
Unfortunately, many people are unaware of the importance of using strong passwords that are unique in each context where a password is needed. Even if they are aware of these measures to protect their private data and login credentials, many of them do not see much value in further protecting such passwords when storing them locally. Finally, even among those who are aware of all the above considerations, many people do not consciously think through all the implications of the design and feature set of a given password manager when they select it, beyond the basics of ensuring that it encrypts stored passwords.
A number of key characteristics of a password manager are very important for securely managing passwords:
- Encryption: Stored login credentials should always be stored in an encrypted form, using peer reviewed, heavily tested, strong encryption, so that even if the device used to store the passwords is stolen the thief is unlikely to be able to recover passwords.
- Secure resource usage: A number of possible vulnerabilities involving unsecured resource usage are possible. For instance, using secure memory that will not be written to a pagefile or swap partition on disk guards against the danger of a decrypted password being dumped onto the disk where it can be recovered later by a malicious security cracker.
- Self-contained functionality: A lot of software is not written with absolute data security in mind, and it often should not be written that way if the intended functionality of the application presents no need for such security. This does mean, however, that any password management software should not trust the security of outside applications. What good is using secure memory if the decrypted passwords will just be passed directly through another application that stores everything in tempfiles that may never be explicitly deleted?
- Usability: Quick, simple, and easy use of the day-to-day functionality of the password manager is important for ensuring that the password manager actually gets used regularly. If it is not at least nearly as easy to use for all of a user's common password needs, it may get neglected in favor of less secure options.
- Verifiable design: Just as encryption that does not trust the user is not trustworthy, the same is true of software that handles any part of one's secure data management needs. This is especially true of something like a password manager, which manages the data used to access other applications that also need to manage data securely. To ensure that the software is trustworthy, it should be verifiable -- which means that the source code is not only available for scrutiny, but verifiably the same as the source code used to produce the actual executable program itself. Security through visibility requires open source software. Ideally, security software should use copyfree licensing policy.
These five criteria are of fairly universal value for a general purpose password manager, and should probably be considered by everyone designing a password manager or selecting one for personal use. Other features may also be desirable, many of which involve suitability for a particular user's workflow, and the specific uses to which a password manager may be put, as contrasted with the specific uses to which another person might put a password manager. For your particular needs, this short list of considerations will surely not be the only things worth considering, but it should offer a good start.
Chad Perrin is an IT consultant, developer, and freelance professional writer. He holds both Microsoft and CompTIA certifications and is a graduate of two IT industry trade schools.