SR Client Question: How safe are password managers?

Many of our clients use password managers to protect and store their password libraries.  With sometimes hundreds of unique log-ins between business and personal accounts, it can become unmanageable to remember each username and password.  The convenient password managers built into browsers like Google’s Chrome and Apple’s Safari are getting better, but for the most robust password management software available, we recommend Last Pass (see here for an in-depth video review of the service we did last year) or 1Password.

The short answer to the question, “How safe are password managers?” is “Very safe.”

Password managers let you use strong, unique passwords everywhere, ones the average human could never remember on their own. The password managers protect your password vault with strong encryption (AES-256, specifically), even while it’s stored in the cloud. While the passwords are on your PC, phone, or tablet, they’re protected with a “master password” only you know that makes them unreadable by anyone without that password.  To date, no one has hacked either Last Pass or 1Password, but plenty of personal devices with unencrypted passwords have been hacked.  Trusting these two managers is the less risky option of the two.

For a full review of the security features of these password managers, read more here.