Accounting & Tax Tips
July 31, 2018

The Benefits and Disadvantages of Using a ‘Password Vault’

Gone are the days of using your birthdate, “1234” or “password.” Today’s password requirements require just about everything but the kitchen sink.

You must have both lower-case letters as well as at least one capital, you must have at least one numerical digit and one character symbol, and most websites require your password to be at least six to eight characters long.

Needless to say, that’s a lot to remember. It’s no wonder many people use the same password for all of their devices and Web logins–though we all know that isn’t safe.

Or, is it?

If you have trouble remembering secure passwords and wish you could have just one to unlock everything–and yet still be safe–then a “password vault” may be just what you need.

We here at Wendroff & Associates CPA like to use LastPass, and recommend it to all our clients. Here’s why:

What is a password vault?

A password vault, or password manager, is a secure application that can create a different ultra-safe and secure password for everything you need, from your devices, to your email addresses, to your logins for websites and payment programs like your bank account and programs like PayPal and Venmo.

They’ll create the most difficult passwords imaginable, sometimes 20 characters long and using a crazy mix of letters, numbers, symbols and more.

As the owner of the vault, all you need to do is create just one secure password and use that as the gateway to log in.

Once you log in to the site, every site and password you own will be stored there, safe and encrypted.

What are the benefits of using a password manager?

1. Easy Access: Other than the fact that you only have to remember one password now, the best part of using a password vault like LastPass is how easily you can access all of your logins, user names and passwords.

Many programs like LastPass come with a browser extension you can install on your device that will automatically fill in the user name and password for each site as you bring it up. For example, just go to Amazon.com, and a LastPass symbol will appear in the blank spaces where you are asked to enter your email address and password. Click on the symbol, and LastPass fills it in for you.

In addition, most programs offer a mobile app so you can take all your passwords with you wherever you go.

2. Easily Switch Between Accounts: Another benefit is for people who have many different accounts for the same sites. For example, you may have a professional Facebook account as well as a personal one. When you go to Facebook on your laptop, you just click on the LastPass symbol in your browser (usually next to your Bookmark menu tab) and you can click on your vault, and then select the account you wish to log in to. Then, LastPass automatically fills in your login information for either your professional or personal account.

3. Share Passwords Without Sharing Passwords: Say you want co-workers to be able to log in to necessary sites without them even being able to see what your password is. Or, you only want to allow them to log in from a single device (like their office desktop). LastPass allows you to “share” encrypted passwords with other persons you designate, while keeping them encrypted. So they can log in to your company account, but only from their work computer, and without actually being able to see what the 10-character password is.

Are there any disadvantages to using a password manager?

As many people have pointed out, the one obvious problem with a password manager is that there is only one password a hacker has to crack in order to access everything.

However, as many security experts also point out, even if a hacker is able to crack your “master” password, the passwords they are then able to access are encrypted–and most password vaults use AES, or Advanced Encryption Standard, which is a symmetric block cipher chosen by the U.S. government to protect classified information and is implemented in software and hardware throughout the world to encrypt sensitive data.

Therefore, the hacker would have to break the AES encryption on each and every password stored, which is nearly impossible.

What’s more, many password vault programs offer the user the option of turning on an automatic feature which will change your secure passwords for you, and log the new ones in your vault, as often as you wish.

This is great info. Share it...

Client Reviews

Find out what Wendroff & Associates, CPA
can do for your business.