How Password Managers Work: A Beginner’s Guide
Secure, reliable password managers help us remember increasingly complex passwords while making our personal and business data much more secure. But how do password managers work?
What is a password manager?
A password manager is a type of software you can use to generate, store, and autofill strong passwords, along with other frequently used information, such as credit card numbers. With the help of a password manager, you only need to remember one master password to access your encrypted virtual vault.
Although most popular browsers include a password manager with basic functionality, only a high-quality, third-party password management app offers features like a VPN, encryption, and 2-factor authentication that provide strong security and added convenience.
What a good password manager does
A password manager makes all your logins more secure by helping you create long, unique, and complex passwords for each account and storing them on a secure server. Look for one that offers features and functionality such as:
- A zero-knowledge system: With a zero-knowledge system, your data is already encrypted before you store it in the password manager, so even the password manager provider can’t access it.
- Device syncing: No need to set up password management for each of your devices individually. Cloud-based password management software easily syncs across all your devices and operating systems.
- Password sharing: Commonly shared passwords (for example, for Netflix or Twitter) can be safely shared with others by using data encryption to ensure a secure transfer of information.
- Dark web monitoring: Dark web monitoring scans billions of records and alerts you instantly when your personal information is detected.
- Security alerts: Receive an alert if a login you’ve stored in a password manager has been affected by a data breach.
- 2-factor authentication (2FA): Get an extra layer of security for your accounts beyond your username and password with 2FA, which requires a second authentication method, such as a fingerprint or one-time code.
- Single sign-on (SSO): Log in once to access multiple apps or platforms.
- A virtual private network (VPN): Disguise your IP address for private, more secure browsing on public or unsecured WiFi.
Want to learn more about using a password manager for your business?
Check out Dashlane's business plans or get started with a free business trial.
What a password manager doesn’t do
Although the useful features incorporated into high-quality password management software continue to expand and improve, there are still a few things they don’t do, including:
- Completely prevent hacks and malware: Password managers aim to protect passwords and other sensitive data—after all, 61% of data breaches involve compromised logins—but cybercriminals have other ways of conducting cyberattacks. Adding 2-factor authentication (2FA) or multifactor authentication (MFA) is a good way to raise the security bar even higher.
- Monitor or control your browsing habits: Using an independent password manager in your browser doesn’t require you to share your personal information or browsing history. Zero-knowledge encryption means just that: your password manager doesn’t need to collect or monitor your information to keep you secure.
- Add more computer tasks or keystrokes to your busy day: In fact, it’s quite the opposite. Convenient, user-friendly autofill eliminates many data entry tasks, including the extra time spent creating, searching for, and resetting passwords.
Other types of password management software
In addition to independent password managers like Dashlane that work through browser extensions and apps, there are three other types of password managers available:
- Browser-based: Built-in password managers are included with many leading internet browsers. Unfortunately, many of these password managers favor convenience over security. A lack of data encryption is one of several security drawbacks of built-in web browser password managers.
- Stateless/token based: This type of password manager uses an external USB device or a code sent to a device app to unlock your account. Passwords are re-generated each time you log in with the token. If you lose or break the device, you also lose access to your accounts.
- Locally installed software: Independent password managers are sometimes installed locally rather than using an external cloud-based format. Passwords are stored and encrypted on each device individually. However, you run the risk of losing your passwords and data if your device is lost, stolen, or broken.
Setting up a password manager
Of course, all password managers vary in the time and effort required to get up and running. Dashlane has developed software that’s easy to set up and use. Once Dashlane is installed, a web page will automatically direct you through the account setup process. You can then begin auto-generating new account passwords you wish to autofill over time. You can also turn on instant syncing between your devices and view your Password Health score to monitor your password strength and security.
Password manager FAQs
1. What is the purpose of a password manager?
A password manager makes it possible for individuals or businesses to store, create, and manage all their passwords from one secure app. Automatic password generation and encryption eliminate the need to create and remember complex passwords for each account. A good password manager increases both security and efficiency.
2. Do password managers work on multiple devices?
The short answer is YES. Most cloud-based password managers make it easy to sync your passwords between various devices. Dashlane stores your encrypted password information in a secure cloud location, so you can access passwords and make updates from any of your computers, smartphones, or other devices. Locally installed browser management software doesn’t offer this convenience.
3. How are passwords encrypted?
Encryption, or the art of hiding information in an unrecognizable format, dates back to the ancient Egyptians. Modern computer data encryption takes plain text data and scrambles it into a format called ciphertext. Dashlane’s encrypted password manager uses AES-256 encryption, widely accepted as the strongest encryption method available, to scramble your passwords, even before they leave your computer or device to go to our servers.
4. What is a password vault?
A password vault stores all your secret password information. Locally installed password managers store your data on the hard drive or device memory, leaving it accessible to others if your device is lost or stolen. Built-in browser password managers back up your information on their servers but also provide an unencrypted list of all the passwords you’ve stored, which can leave them vulnerable to a breach. However, Dashlane’s zero-knowledge architecture means we only store encrypted password data on secure, regularly audited Amazon AWS-hosted cloud servers.
5. What is a browser extension?
A browser extension is a plug-in for your favorite browser that adds additional features. The Dashlane browser extension helps you integrate secure, independent password management into your daily routine. Once you set up Dashlane in your browser, Dashlane will help you save your logins. Keep in mind that using a browser extension in conjunction with a premium password management app like Dashlane is entirely different from (and superior to) relying on a native browser password manager alone.
What Dashlane does for password management
Installing new software to help you manage and remember passwords might sound like a contradiction: Just one more thing to slow you down on the path to value-added work, right?
Dashlane’s browser extension and mobile app provide an antidote to the inefficiency of our multi-tasking, multi-password lives. Secure password sharing also makes it easier to collaborate with virtual colleagues all over the world.
Here are just a few of Dashlane’s key features for business and personal users:
- Single sign-on (SSO) integration
- SCIM directory sync
- Built-in 2-factor authentication
- Dark Web Monitoring
- Password Health score
- AES-256 encryption
Hackers go to great lengths to steal passwords and unlock confidential information. Secure, user-friendly password managers like Dashlane are among the most effective tools available to boost cybersecurity while helping you log in to the accounts you need more easily.