Password manager security expert: "They are secure"

2021-10-19T18:28:09.699Z

It may seem practical to let a service remember everyone's password - but is it that smart? Yes, if you create a strong password for the service, according to IT security expert Anders Nilsson. But it is also possible to protect passwords further - and in other ways.

According to Anders Nilsson, IT security expert at ESET Nordics, you probably do not have to worry about a service that collects everyone's passwords being hacked.

- Even if it is hacked, you must find out the password that you used to protect the password.

As long as you have used a secure password there, it does not matter much if the service is hacked because they should not access the passwords that have been encrypted, without trying to find all the different passwords, he says.

Phrases instead of words

Many computers have built-in password managers in the operating system, but the service can also be purchased - which may be needed if you want to sync different computers and mobiles, for example.

According to Anders Nilsson, both alternatives are secure, even if the password is crucial in both cases.

Instead of a handful of different passwords with six to seven strange characters, he recommends phrases with regular letters.

- When people get to choose for themselves, there are unfortunately often simple variants and you might just put on a number one or an exclamation mark.

"This is Anders' password to the password manager" or "I like birds that tweet" are better alternatives.

- The length of the password matters.

So the longer they are, the harder they are to crack.

Then the password manager can also suggest passwords, something Anders Nilsson himself uses.

- I do not really know any passwords at all, but that to the password manager who then accidentally dropped long strong passwords in all other places.

Two-step authentication provides extra protection

Having a separate unique password for the email is also important, he believes.

- Because if you access your email, you can often restore various accounts.

The IT security expert also recommends two-step authentication.

- I think you should always-always activate two-step authentication if it is possible to do.

Because even if you know my password, you can not log in.

You must have access to my mobile phone for example.

So if someone sees you enter your password over your shoulder or hacks you and finds out your passwords, they can still not log in, without access to your phone.

In the clip, Nilsson talks about how he thinks about passwords.

Source: svt

Password manager security expert: "They are secure"

You may like

Trends 24h

Latest