Skip to main content

What is Password Manager?

Why do we need a password manager?
Today is the world of social media, online business trading, online banking hence creation of different password became a necessasity and remembering them become nightmare. Writing these passwords on pieee of paper and pasting those paper on desk became a common practice which became easy target for cyber criminals to sucessfuly launch cyber attack, credential theft, financial fraud etc.
  • Having a universal user name and password is impossible . 
  • As every site or service has its own password requirements and hence its practically it is hard to keep track of all your different passwords. 
  • Help improve security posture by providing a secure way for password storage rather than storing passwords in plain text compromising security posture. 
  • It’s unreasonable to expect any person to remember complex passwords. 
  • Its better to have something rather than nothing. 
A Password Manager is a software application that allows users to securely store and organize passwords and keep them safe by encrypting and protecting using a master password

Pro's
  • Generate random passwords.
  • Simple access to multiple accounts.
  • synchronise your passwords across your different devices, making it easier to log on, wherever you are, and whatever you’re using.
  • let you know if you’re re-using the same password across different accounts.
  • notify you if your password appears within a known data breach so you know if you need to change it.
  • Use the same password manager across multiple devices and multiple platforms.
  • Password managers also allow you to store other types of data in a secure form – everything from credit card numbers to secure notes. 
  • Credential database is encrypted and password protection. 
  • Contains features such as idle timeout, password policy, unique password generator. 
  • Best way to prohibit user from storing passwords in text files. 
  • Promotes password best practices. 
  • Don't need to memorize all your passwords and PINs.
Con's
  • Password managers represent a single point of failure. 
    • if you forget the ‘master’ password for your password manager, you will not be able to get back into your accounts
  • if a cyber criminal accesses your password manager account, they will have access to all your accounts

There are two type of password manager app
1. web based
2. standalone app

Popular password manager

1. Bitwarden is secure, open source, and free with no limits for single user, paid for multi user.
Platform Support - desktop OS (Windows, MacOS, Linux), mobile (Android, iOS), browser extension (Firefox, Chrome, Safari etc.)

2. 1Password is a commercial password manager.
Platform Support - desktop OS (Windows, MacOS, Linux), mobile (Android,iOS), browser extension (Firefox, Chrome, Safari etc).

3. Dashline is commercial password manager.
Platform Supports - mobile (Android, iOS), browser extension (Firefox, Chrome, Safari etc.)

4. Enpass is commercial password manager.
Platform Supports - desktop OS (Windows, MacOS, Linux)mobile (Android, iOS), browser extension (Firefox, Chrome, Edge etc.)
Supports syncing through Dropbox, Google Drive, OneDrive, iCloud, Box, Nextcloud, or any service using WebDAV.
Labels:

Comments

Post a Comment

Popular posts from this blog

MTBF MTTR MTTD

Post a Comment
Read more

Juniper SRX : Proxy ARP on Juniper SRX

Proxy ARP ( Address Resolution Protocol ) is a technique by which a intermediate network device like router replies to ARP request for a given IP address that is not part of local network.  The router acts as a proxy for the destination device to which the host wants to communicate and provides its own MAC address as the reply. Note: Proxy ARP can help devices on a network reach remote subnets without the need to configure routing or a default gateway. Disadvantages of Proxy ARP Proxy ARP can lead to security and performance issues on the network.  It poses a security risk by making the network vulnerable to ARP spoofinf attack. In attacks, malicious devices can impersonate proxies. Intercept or modify traffic between devices. It may introduce inconsistency into the network’s topology. Addressing scheme by concealing device locations and identities. Let see when and how proxy ARP is configured in Juniper by answering below questions which often comes to our mind ...
Post a Comment
Read more