Password managers Essays - Computer Access Control,

Password managers Course Institutional Affiliation Date Introduction A password manager is simply a software that aids users organize and store their passwords. In most cases, they often store such passwords in encrypted format needing the user to establish a master password , one typically very strong password that offers the user access to their whole password storage [1] . In some cases, password managers store these passwords within the user's local computer often referred to as offline password managers , while some store passwords within the providers cloud termed as online passwords . Nevertheless, offline password managers also provide storage of data within the user's personal cloud accounts as opposed to the cloud. While the main aim of a password manager is to securely keep safe huge collections of passwords, most offer secondary features like passwords and fo r m filling. How password managers work Password managers have one fundamental function. They store and recall all user passwords so they could save its users from doing so. It stores all personal information and user passwords in an encrypted format which safeguards private data from cyber-criminals that have physical access to the local device [4] . Password manager stores passwords in either a centralized storage or a decentralized storage. Centralized storage include the use of the cloud or a networked server environment where a domain server becomes responsible of handling all the passwords. The dangers to this is that every time a user forgets his/ her password it will take some time to retrieve it as a result of organizational bureaucracies. A decentralized approach on the other hand involves the management of passwords under different locations such as user local machines or at departmental levels. This makes it easy for users to retrieve their passwords. The danger with this approach is that exposu re to passwords leakage or compromise is high and might not be easily detected if the attacker lies internally. Categories of password managers There are four main categories of password managers namely standalone password manager, bonus feature within other software, web based password manager and finally password managers using embedded security hardware. The bonus feature within software are like web browsers, operating systems, and antivirus software which come with password managers. The standalone password managers , were the earliest category of password managers and is not linked to any subsidiary software. This is basically suitable in cases where all your computing is done on one computer that is not shared. There are also web based password managers is a new way of managing passwords, it is simply a web application which can be used from any internet connected device. It is suitable for instances where there are several mobile or computing devices with distinct operating systems and you are required to recover all passwords from every device. The last category of password managers is using embedded security hardware where some secondary hardware is embedded within a computer to encrypt and save data. Only persons with the passkeys can have access to the stored data . It is suitable for instances where a device is at high risk of theft or physical hacking, often that is the situation if the device is stored within a shared office or travel with it often. Advantages of password managers The benefit of password manager access controls is that they are cheaply integrated in many software with the use of application programming interfaces available under most software products, they do not need any specialized server/computer modifications and that users understand the use of passwords already. To begin with, password managers save people from the stress of remembering several passwords. Trying to recall several passwords tempts a user to use some of the poorest passwords which is not a desirable feature. Second, the fact that one is saved from remembering passwords makes it possible to have strong desirable passwords, a unique password for every single existing account. Password managers also help fill automatically the usernames and passwords every time a user wants to access any account saving on time and the burden of recall [2] . It is logical for users to make at least one mistake with their passwords making it so cheap for cyber-criminals,