According to various surveys, approximately 10 - 20% of Internet users use stand-alone password management applications. Most people prefer the password managers built into browsers, or storing passwords in text files and spreadsheets, or even in paper notebooks.

Do users realize the risk they put their data at by storing it in txt files or saving it as a draft in their email? When a user sets a non-unique or too weak passwords, and doesn’t protect their accounts with two-factor authentication or biometrics, it makes cyber security professionals around the world sad and also makes hackers happy.

Despite the fact that data leaks on the Internet occur constantly and many users experience the consequences of their data theft, people are still not prone to entrusting their data to password managers. Let's figure out together why this is happening.

According to American survey, about 65% of users don’t trust password managers. But is it much safer to store passwords in an unprotected file on your computer? Moreover, it won’t be enough for you to store this file only on your computer, you will probably make a copy on your mobile and, possibly, upload it to your cloud in order to have access to it from work devices. This is what is called bad practice in cybersecurity. Password manager keeps all your data encrypted. The database on your device or in the cloud remains encrypted and is only decrypted when you enter your master password. The AES-256 encryption algorithm used in the PassSecurium™ password manager provides military-grade security to the stored data. In addition to this, the zero-knowledge storage architecture asserts that the password manager provider cannot decrypt and access your data.

Furthermore, logging into your password manager via a web browser can be protected by two-factor authentication, which makes it extremely unlikely for hacker to access your password manager. On mobile devices, you can protect the password manager app with biometrics.

This sounds much safer than storing passwords in a file, isn’t it?

Many users who are slightly more aware about password management prefer to store passwords in built-in tools in browsers. The attractiveness of the built-in browser password managers is that they themselves offer to save the data, and then you can use this data for auto-fill login forms. Most users value them precisely for their convenience, although the security of this method of storing passwords is nothing like that of a stand-alone password manager.

However, let's take a look at whether the browsers' built-in password managers are really that handy. Firstly, the user is limited to only one browser. If you use multiple browsers, then you will have to store your passwords in each of them. Secondly, not every user knows how to see all of their passwords, and the passwords cannot be grouped and organized. Also, the password managers built into the browsers don’t generally offer a password generator feature, which encourages users to reuse passwords or create weak ones.

Our PassSecurium™ password manager has browser extensions for Chrome, Firefox, Edge and Opera (in beta). This means that you can access your password storage from different browsers without having to create multiple copies of the password database. In the extension, a password generator is available to the user, as well as (optional) protection of auto-complete forms using a PIN code.

The downside of browser extensions is that they sometimes fail to recognize forms on websites, and you will likely need to save or paste some data manually. However, the browser's built-in password managers are also not perfect: some users have complained that they didn’t update changed passwords and didn’t save passwords in some cases.

Thus, it is clear that there is no 100% perfect solution, but a stand-alone password manager comes closest to the ideal of secure data management.

So why haven't the majority of users still switched to password managers?

Popular excuses include:

1. There are not enough accounts to acquire a password manager for them. Insufficiently important accounts that are not of great value to the users cannot make them deal with a new application. (But many of that users agree that keeping access to banking, financial, and medical information in a secure location is a must.)
    
2. Loss of access to the password manager account if the user forgets their master password. This could be a serious problem, unless most password managers, including PassSecurium™, have a secure access recovery procedure. But they have, user data won’t be lost irrevocably. 
    
3. Problems with usability. Indeed, password management may seem daunting at first to many inexperienced in IT users. But keeping a file or built-in browser tools won’t allow you to sort and quickly find passwords, put them into folders, attach pictures and other files to them, and have access to a centralized storage from various devices and browsers.
    
4. Paid subscription. In fact, a yearly password manager subscription costs like one rather modest lunch at a restaurant. Consider, is this really a high price to pay for the security of your passwords?

Password protection has been aptly compared to a healthy lifestyle. To stay healthy, you need to make efforts that you may not like. However, you don’t feel rewarded for this effort. But when you remember how awful it feels when you are sick, the benefits of staying healthy are immediately apparent.

Safe password management helps you avoid the consequences of stealing your data. If you have experienced all the hassle of a cyberattack, then data protection will have clear benefits for you. And an irresponsible attitude towards cybersecurity will sooner or later lead to disastrous results.

It’s high time you adopted healthy password habits!

You can find out more about PassSecurium™ features and pricing in the price section. More information can be found in the FAQ section. Feel free to ask questions about password management through our contact form.

Used sources:

https://www.passwordmanager.com/password-manager-trust-survey/

https://www.usenix.org/conference/soups2019/presentation/pearman

https://cybernews.com/best-password-managers/are-password-managers-safe/