Connect with us

Technology

Are password managers safe in 2022?

Online security is a very real issue in 2022.

If you haven’t had an account hacked or password stolen, chances are you know someone who has – that’s why more and more people are now using a password manager.

Password managers like NordPass offer extra-strong levels of online protection

NordPass Premium, from £1.09 per month – buy here

Cyber criminals are growing increasingly sophisticated in their means of acquiring data – and they’re always looking for soft targets.

If you regularly suffer from password stress, or make the mistake of relying on one of these common passwords, then you might want to start using a password manager.

Password managers are a major way to mitigate against that.

Most internet browsers, like Google Chrome, come with built-in password managers, but they have their limits and come with strings attached.

There are more advanced services out there from cybersecurity companies like NordPass.

In this article, we’ll take a deep dive into password managers: how to use them, if they’re safe, what they do for your online security, and how to choose the right one for you.

What is a password manager?

NordPass generates complex passwords that you can tweak to your liking

A password manager is essentially a database, sometimes referred to a digital vault, where all of your passwords can be stored and accessed whenever you need them. 

It’s not just passwords that can be stored there either: you can also use these managers for sensitive information like your credit card details or notes.

Password managers aren’t just about providing storage for your passwords: they can also randomly generate different passwords for each of your accounts. As password managers will generate strong and complex passwords, you won’t need to worry about coming up with a password that contains at least 12 characters and has a varied combination of upper and lowercase letters, numbers, and symbols. 

You don’t need to remember these randomised passwords: the manager will auto-fill these in every sign-up form you use. That’s extremely handy when you are shopping online or simply accessing anything from your Netflix account to your online banking. 

Password managers can also tell you if you are using passwords that are old, weak and if they have been breached in any of the recent data leaks.

In other words: you have zero excuses for using the same five-year-old password across all your accounts – that’s just not how it’s done in 2022.

How do password managers work?

Different password managers have different interfaces – but the essentials remain the same.

In the case of password manager NordPass, all your passwords and other sensitive data is stored in what’s described as a ‘vault’.

This is encrypted, backed up and synced with Nord’s cloud on a regular basis.

Different password managers use varying encryption models. In the case of NordPass, a military-grade XChaCha20 encryption is used.

As you can imagine, this is an incredibly strong encryption that’s earned much praise from cybersecurity experts.

In order to access your vault, you’ll need to come up with a  ‘master password’ – that’s something you don’t share with anybody.

When creating your master password, you’ll also be given a recovery code. In case you forget your master password, you can retrieve your account with this code.

If you don’t know both your master password and the recovery code, then even the NordPass team cannot help you.

The company operates on a zero-knowledge policy and, therefore, is unable to decrypt or find out your master password 

For extra security, you can incorporate biometric identification such as a thumbprint or face ID (providing your device/s support them).

What are the different types of password managers and which are  the most secure?

Broadly speaking, there are two types of password manager.

There are those that are built into browsers, such as Chrome by Google, Safari by Apple, and Firefox by Mozilla.

On the other hand, there are more advanced services from the likes of NordSecurity, a cybersecurity brand well known for products such as NordVPN (leading VPN provider) and NordPass (leading password manager).

Many people are familiar with the first category of password manager: whichever browser you use, chances are you’ve been prompted to save the passwords you enter.

But browser-based password managers come with significant limitations.

Firstly, because all those passwords are stored within the browsers, they can’t be used across platforms – if you were to go to a separate app such as, say, Netflix, you can’t make use of any auto-fill function.

Also, because all those passwords are saved to the browser itself, all a cyber-criminal needs is your device’s password to gain access. 

This isn’t the case with cloud-based password managers like NordPass – with these services, all that data is stored on the company’s servers.

So if the worst does happen and your device is either hacked or stolen, none of your passwords are available without that ‘master password’. 

Are password managers really safe? Can they be hacked?

You’ve probably already considered a potential flaw of password managers: that you’re keeping all that information in one place.

In other words, if a cyber-criminal does gain access to your passwords, he or she has access to every last one of them.

But premium password managers from companies like NordPass make that a very slim possibility.

Unlike browser-based password managers, it has MFA (multi-factor-authentication), biometrics and top-grade encryption – it’s barely possible to break that many “doors”. 

On its servers, NordPass uses what they call ‘zero-knowledge’ architecture – which essentially means that even the company itself cannot see those details.

All the encryption and decryption happens on your device, and if NordPass’s servers were breached, all that information would be fundamentally useless to everyone except you.

Where do I find my saved passwords?

In a browser-based password manager, you’ll need to go through a series of steps to find your vault of saved passwords.

Here are step-by-step instructions for the three bigger browsers.

Chrome

If you’re using Google Chrome, follow these steps:

In Chrome, click the triple-dot icon on the right-hand side of the toolbar.Click on ‘Settings.’A new tab will open in your browser. In the ‘Auto-fill’ section, click on ‘Passwords.’Here, you’ll see a list of all your saved passwords and the corresponding accounts – to see any, tap the ‘eye’ icon and enter your device’s password.

Firefox

If you’re a Firefox user, follow these steps:

In Firefox, select ‘Menu’, then click ‘Preferences’On the left-hand panel, click ‘Privacy and Security’Scroll down to ‘Logins & Passwords’, then click ‘Saved Logins’Click ‘Show Passwords’.

Safari

If you use Apple’s browser, here’s how to find your saved passwords:

In Safari’s menu, head to ‘Preferences’, then click ‘Passwords’.Either enter your user account password or sign in with Touch ID.After that, you can select a website, and click ‘Edit’ to view and change your password.

If you’re keen to try a password manager that isn’t browser-dependent, you’ll need to extract your saved passwords and upload them to your password manager.

NordPass lets you upload a .CSV file with your passwords, or better still, can automatically save passwords from most major browsers. 

Are there risks with password managers?

Ultimately, most of the risks involved with password managers are from surrounding factors – how responsible you are with protecting the passwords that could grant others access to your vault of data.

(Of course, not many people are foolish enough to leave a post-it on the corner of their laptop with their password scrawled on it. Or to opt for a 1-2-3-4 passcode for their phone.)

But if you’re concerned about your password manager not offering ample security, our advice is to avoid the browser-based options in favour of options from cybersecurity companies – they deliver an extra level of peace of mind.

Are there any good free password managers? Are they safe?

NordPass will let you know if any of your passwords have been breached so you can change them immediately

Google, Apple, Firefox, and Mozilla all have password managers built into their browsers. These are reliable services, but come with limitations we’ve already described.

Most free password managers have limitations – they often don’t allow you to stay logged in when switching devices, and don’t have tools that tell you which of your passwords are weak or have been breached.

That’s why it may be best to opt in for a password manager that has a lesser monthly price than a cup of coffee, but will guarantee you that peace of mind.  

And if you’re put off by the thought of all the potential hassle of setting up a new password manager, NordPass comes with a handy import feature that plucks all your passwords from your pre-existing service.

NordPass Premium, from £1.09 per month – buy here


For another leading security service from Nord, read our in-depth NordVPN review.

For a round-up of our favourite services, head to our best VPN article.

And to find out more, there’s our What is a VPN? explainer.

If you click on a link in this story we may earn affiliate revenue.