Password managers

Password managers

Password managers are programs, browser plugins or web services that automate management of large number of different credentials. Most password managers have functionality to allow users to easily use them on websites, either by pasting the passwords into the login form, or by simulating the user typing them in.

The idea of a password manager is that users can create a new password for every application they register on. Using one 'master' password, users can unlock these unique service passwords when they are needed.

As discussed in the next section, using a unique password per service greatly improves security by significantly reducing the consequences of a breach of one of the service passwords.

Risk of reusing passwords

People often reuse passwords. Reusing passwords is bad for security, since a breach of the weakest service also impacts all other services where the passwords is being used. In contrast, when each service has a unique password, a breach revealing passwords of that service impacts only that single service.

Source attribution

Some parts of this page are based on the OWASP Authentication cheat sheet, which is licensed under FLOSS.