Passwords and authentication


The moment you touch any connected electronic device, you will need to set up a means of authentication: something only you and the service provider or device know. Usually this is a password, as it can be made up by anyone on the spot.

What is a password?

A secret, shared only between you and the (one) other party. Are you using the same password with a different party? It is not secret anymore. Are you using a word found in a book or dictionary? It never was secret. Are you using a common password? Someone is already, or will be soon, using your account. Are you using a predictable pattern, such as a birthday/year and name of the service, 1967google? Probably nothing happened yet, but not exactly a secret.

What is 2FA (two-factor authentication)?

Essentially a supplementary password, also called two-step verification. Usually a time-sensitive additional layer of security, changing with each login. Common forms are codes sent to email addresses or mobile phones, or generated in apps as (T/H)OTP. Whenever possible, this option should be activated, with the limitations/difficulties in mind and the backup code(s) safely stored.

Password manager

What to do with all the passwords? Using “a good one” for everything? While this seems easy and you will always have it available, it is a bad idea for multiple reasons:

  • It will not be a secret between you and one service only
  • You can’t share access to just one service
  • When a data breach happens you’d have to change it everywhere

Since humans are not universally good at remembering lots of random strings, password managers came around. The idea is that you remember one strong password; this secret is between you and the password manager and unlocks access to all the saved, unique-per-service passwords. A few notable candidates:

iCloud Keychain

Part of the Apple ecosystem and reasonably secure as long as you keep your iPhone, iPad or Mac locked. Logins saved will be available to all connected devices with the same iCloud account logged in. Including or changing to other, non-Apple devices will be difficult to impossible.

1Password

Polished interface with apps for every device/system you might carry around but comes at a monthly cost. Logins saved will be available to all connected devices with the same account logged in. Offers different plans to include family members or share logins.

https://1password.com/

Bitwarden

Offers an “always free” option, with a slightly less polished interface and apps for every device/system you might carry around. Logins saved will be available to all connected devices with the same account logged in and additionally accessible through any browser with internet. Paid plans offer additional options for convenience, such as sharing specific logins with other accounts.

https://bitwarden.com/

KeePassXC, KeePass

Always yours and always free. For the technically interested, full control at the cost of convenience. You will have an encrypted database, as a file, that holds all the information you enter in a known format (named after the original software, KeePass) with software for any platform. Secure but without syncing or other bonus functionality offered by other options.

https://keepassxc.org/

Chrome/Firefox/Browser

While current browsers do offer to save your logins for convenience, they are not secure by default. Only use this option if you set up a main password that has to be entered every time you (re)start the browser. Syncing happens through an additional login with the browser provider, Google or Mozilla, along with the bookmarks. Not the most convenient for things happening outside the browser, like app logins on the phone.
