Password Managers

Anna edited this page Sep 29, 2015 · 11 revisions

## Threat

It is very difficult to remember dozens of passwords and usernames for online accounts. As a result, people have resorted to choosing weaker passwords and using the same password across multiple sites (VERY BAD). With weak passwords, users open themselves up to having their accounts compromised by attackers who attempt to guess the password. With password reuse, users run the risk of all their accounts being compromised if any one account is compromised. If, for instance, the database of a site you use is compromised and all the usernames and passwords are revealed, one thing that many malicious users will do is try those usernames and passwords across multiple popular sites (banks, social media, email providers). If you used the same password everywhere, all of your accounts could be in jeopardy.

## Solution

Password managers allow you to use unique, strong, randomly generated passwords across a variety of accounts and store them securely in an encrypted database on your machine or 'in the cloud'. This database should be encrypted with a strong passphrase and not shared with anyone. One drawback is that this creates a central repository of all your passwords. This is often seen as a convenience / ease-of-use trade-off between using a password manager and having to remember multiple weaker passwords across many sites. Because that central repository could unlock all of your accounts, there is an additional risk in using a password manager that syncs with a remote server and shares your passwords with all your devices. If you are more risk averse, look for a password manager that does not sync remotely, or disable this feature.
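
The reuse and weak-password problems described above can be checked on your own credential list before moving it into a password manager. The following is an added example, not part of the original page: the function names, the 60-bit threshold and the sample entries are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import secrets
import string
from collections import defaultdict

CLASSES = (string.ascii_lowercase, string.ascii_uppercase,
           string.digits, string.punctuation)
ALPHABET = "".join(CLASSES)

def generate_password(length=20):
    """Random password from the OS CSPRNG, as a password manager would create."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def estimated_bits(password):
    """Ceiling on entropy: length * log2(size of the character classes used).
    Dictionary words and dates are far weaker than this estimate suggests."""
    pool = sum(len(cls) for cls in CLASSES if any(c in cls for c in password))
    return len(password) * math.log2(pool) if pool else 0.0

def audit(entries, min_bits=60):
    """Return (reused, weak): groups of sites sharing one password, and
    sites whose password falls below min_bits (assumed threshold)."""
    key = secrets.token_bytes(32)  # per-run key: grouping tags never expose passwords
    groups, weak = defaultdict(list), []
    for site, _user, password in entries:
        tag = hmac.new(key, password.encode(), hashlib.sha256).digest()
        groups[tag].append(site)
        if estimated_bits(password) < min_bits:
            weak.append(site)
    reused = sorted(sorted(sites) for sites in groups.values() if len(sites) > 1)
    return reused, sorted(weak)

# Constructed sample entries: (site, username, password)
SAMPLE = [
    ("bank.example", "user1", "Summer2015"),
    ("mail.example", "user1", "Summer2015"),
    ("social.example", "user1", "kitten"),
    ("forum.example", "user1", "r#9Lq!vT2m^Zx7@pWd4&"),
]

if __name__ == "__main__":
    reused, weak = audit(SAMPLE)
    for sites in reused:
        print("same password on:", ", ".join(sites))
    for site in weak:
        print(f"weak password on {site}; replace with a generated one, "
              f"e.g. {len(generate_password())} random characters")
```

Every site reported in either list is a candidate for a fresh generated password stored in the manager.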
