Stickers, phone notes, tattoos… Is there the best practice to store your passwords?

Home / Vital WP Care Blog / Infosecurity / Stickers, phone notes, tattoos… Is there the best practice to store your passwords?
Where to store your passwords.

How many times have you been unable to find or remember the password to a service you haven’t used in a long time? And you couldn’t recover it because you also don’t remember which email you registered with.

And how many (dozens đź«Ł) of applications do you use the same password for because of this?

What else can you do, you might rightly ask, when a person can only remember up to five (complex but logical phrase) passwords, while the number of services and applications they use is in the dozens? Storing passwords on sticky notes (paper) is warned against by everyone, and then try finding that piece of paper years later. In phone notes? That’s not a great option either, especially if you lose your phone.

Okay, so where are you supposed to store 100500 passwords in this case?

Where to store your passwords. Tattoos

Let’s try to find solutions that meet the following needs:

  1. I don’t want to write down the password (at least not a second time).
  2. I don’t want to remember the password.
  3. I need access to the password on any browser and any of my devices.
  4. I want to be able to easily share the password with a close one or a colleague when necessary.
  5. I need to be confident that the password storage location is as secure as Fort Knox.

To start with…

Why Using the Same Password Everywhere Is a Very Bad Idea

Using the same password for all your favorite apps and websites is very tempting, isn’t it? It’s like having one key for everything – simple and convenient! But here’s the thing: reusing a password everywhere is a habit that can bring many troubles to your online world.

The fact is that different apps/websites have different levels of security. If hackers manage to breach the weakest one, they already have your single golden key to all your social media accounts, online stores, and email accounts. To everything where you used your favorite password. It’s like walking outside and giving the key to your apartment to a random passerby, believing that they won’t give it to anyone else.

Now imagine that your password is leaked, and you become aware of it. You sit there trying to remember all the resources where you used that password because you urgently need to change it!

Where to store your passwords. Frog In Panic

Single Sign-On (SSO) technology provides some relief by allowing you to use one set of credentials from major providers like Apple or Google to log in to various systems. However, if your credentials are compromised at the provider level, the attacker can access all the other resources on your behalf. But at least in this case, you only need to change the password in one place if it’s compromised.

Storing Passwords in Your Browser

Using a browser to store passwords really does seem like a lifesaver, doesn’t it? Like a magic keychain that not only unlocks all your online accounts but also helpfully fills in the necessary fields. It sounds convenient! However, despite all the advantages, there are several reasons why this method might not be the best choice.

The same problem as with password reuse: “not all yogurts are equally beneficial.” Different browsers use various methods to store your passwords. Some of them can be very reliable, while others—not so much. Additionally, even the most secure browser cannot guarantee that it won’t suddenly have a vulnerability that someone will inevitably exploit.

Of course, storing passwords in your browser is more convenient and safer, at least for each new application. The browser offers to generate a separate complex password (hopefully, you use this feature) that you don’t need to remember. This is far from leaving a spare key under the doormat.

But what about meeting the needs we outlined earlier? Specifically, need number 3: “I need access to the password on any browser and any of my devices.”
Synchronizing browser passwords across all your devices works within the same browser. So, if you use Chrome everywhere, logging into it on all devices will give you access to the key storage. The problem arises when you have to use different browsers (for example, something different at work). Then you have a second storage that is not synchronized with the first. A familiar question: “Which browser did I register for this service in?!”

Apple users are much luckier in this regard, as their ecosystem provides a single password storage that you can use on all devices. But alas, if you use a browser other than Safari, this storage is no longer the only one.

Thus, while using your browser’s password storage may represent the path of least resistance, it is a suboptimal solution if you need a high level of security and functionality. It’s like choosing between keeping money in a piggy bank at home or in a bank vault: both options ensure safety, but the latter offers much greater protection and capabilities.

And now, let’s talk about those “bank vaults.”

Specialized Password Storage Apps

Password storage applications, often simply called password managers, are apps that create a centralized, secure place—a digital vault—where you can store not only passwords but also other confidential information such as bank account details, personal identification numbers, and secure notes.
Common features of all password managers include:

  • One Master Key: Instead of remembering dozens of complex passwords, you only need to remember one master password. This master password unlocks the vault, giving you access to all other passwords.
  • Autofill Function: When you visit websites or log into applications, the password manager can automatically enter your username and password for you.
  • Generation of Strong Passwords: Password managers have a built-in feature to create strong, random passwords. These are difficult to crack and you don’t have to remember them.
  • Synchronization Across Devices: Unlike browser password storages, a password manager is installed as a separate application or a browser extension. Therefore, no matter which devices or browsers you use, all your passwords and other secret data are in one place and easily accessible from there.
  • Enhanced Security: While browser password storages are also encrypted, specialized programs pay more attention to the encryption algorithms used. We’ll take a closer look at these when choosing the right manager.

Sounds pretty good. Some of this functionality is, of course, also available in browser storages: password generation and autofill function. But the last two points: cross-platform synchronization and a security level perfected to an extreme, make password managers the best solution for storing your online secrets at the moment… as long as you don’t write your master password on a piece of paper 🤪

Where to store your passwords. Burglar

“Why do password managers suddenly have such trust when it comes to security?” you might ask. It’s simple.

Firstly, any specialized application primarily develops its core functionality. For password managers, secure storage of client data is the top priority.

Secondly, due to their specialization, they become a very tempting target for hackers. This means that the work of strengthening and inventing new protection measures becomes an endless challenge for password manager developers.

In the next article, we will provide a brief overview of password manager applications to help you make a decision.

Enhance Your Website's Performance

Don’t let outdated software slow down your business. Our expert team specializes in WordPress maintenance and updates, ensuring your site runs smoothly and efficiently. Reach out now to discover how we can optimize your site for peak performance and user satisfaction.