Protection and a single view for our personal accounts and digital assets
The primary reason why many people consider using a password manager is to protect their passwords, digital assets, and personal information, as well as to be able to have a single source of truth for their passwords across platforms such as iOS, MacOS, Windows, and Android.
Many platforms and providers such as Apple and Google provide built-in password management capabilities in their platforms. Nevertheless, there are reasons why people still search for other solutions:
1. Having a single source of truth across platforms
While Google and Apple, for example, provide very good password autofill and autosave capabilities, they synchronize these passwords only across the Google or Apple ecosystems, respectively.
To put it simply, if you update your DGLegacy® password from your Chrome browser, your iPhone won’t be aware of that, and the next time you try to log in from your iPhone, it will prompt that the log-in details are not correct.
That’s a problem if you want to have a single source of information for your passwords across the platforms which you use and wish to avoid having to synchronize them manually across the various platforms.
2. Lack of trust in the big tech companies
Many people believe that tech giants will sell their information to third parties. Whether that’s true or a myth is a debatable topic, but many people believe that, and as a result, they are reluctant to use products from big tech companies.
A small anecdotal example that I encountered a few days ago illustrates that well.
I was talking with a German guy who was struggling with using Microsoft Teams for video conferencing. I asked him why he didn’t use Google video conferencing, which is much easier to use, and his reply was,
“I don’t trust those big US companies! I’m sure they’ll sell my personal data.”
After that emotional statement, I paused and asked him,
“Uh, what kind of company do you think Microsoft is, the provider of your Teams video conferencing solution?”
He was confused and embarrassed. He was so obsessed with the idea that Google and Apple are “bad” US companies that he didn’t consider the fact that most of the technology we use these days comes from the US.
The “standard” password manager features
Password managers have a set of distinctive features to fulfil their promise to protect people’s passwords and provide a single view of their passwords across platforms.
1. Autofill and autosafe
This enables users to save their passwords and then fill them in easily whenever log-in is required.
2. Synchronizing passwords across platforms
Once you save your password in a password manager, it’s automatically made available to all platforms. For example, if you save your password in your Chrome browser, you can autofill it from your iPhone.
Of course, that’s true only if you install the multiple required add-ons for the password manager, such as Chrome extensions and iPhone Keychain.
Password managers offer encryption of your data with unique master passwords, which they claim are not stored, so no one can decrypt your data except you.
While that last claim is used for marketing purposes by the various password managers to give them an advantage over Google or Apple, it’s questionable whether they don’t actually store the master passwords of their users.
One simple experiment with a popular password manager showed that when we clicked “forgot password”, the password manager was able to decrypt the data, allowed us to change the master password, and then encrypted the data again with our new password.
How was the password manager able to decrypt our personal data if it didn’t store our master password? 🙂You can figure out a plausible answer.
Additional capabilities of password managers
Many password managers offer other capabilities in addition to the standard autofill and autosave, synchronization across platforms, and the questionable encryption of data.
These are the most common additional capabilities:
1. Data breach notification
To put it simply, as soon as some of your log-in details appear in the dark web as leaked during a cyber breach, you’ll be notified.
Uh … again, how does the password manager know my log-in details if they are encrypted with my master password and only I can decrypt and read the data? 🙂
2. Uploading of documents and personal information
Many password managers are extending their functionality into the Digital Wallet space, enabling users to upload various personal information such as
- ID cards,
- driving licences, and
- insurance policies,
as well as data about their digital assets, such as
- bank accounts and
- credit cards.
Decreasing trust in password managers
In the last several years, we have seen a significant decrease in trust in password managers.
There are a few factors that contribute to that.
1. Data breaches and vulnerabilities
There have been multiple instances of data breaches and vulnerabilities discovered in the popular password managers. This definitely shakes people’s confidence in password managers for storing their sensitive information.
2. Poor user experience
Many of the existing password managers were created years ago and, let’s be honest, their user experience is massively lagging compared to the sleek design that companies such as Apple and Google offer in their applications and devices.
Decline in usage or just substitution of password managers?
Obviously, people will always want protection of their digital assets and personal information, so it’s naive to think that the need for that will decline.
Despite that need, we see a steady decrease in trust in password managers and a corresponding decrease in the number of people who use their services.
But if people still need to protect their digital assets and personal information, does it mean that they have become irresponsible?
The latest survey conducted by DGLegacy® among 10 000 of its members might reveal the answer. The survey showed a massive shift of users from traditional password managers to Apple’s KeyChain and Google Chrome’s Password Manager.
While these options don’t provide people with a single view for their passwords across the various platforms, the multiple advantages of this approach definitely outweigh that drawback. These advantages are mainly great user experience, built-in capabilities (you don’t need to install extensions or add-ons), and very strong cybersecurity.
Does this signal a long-term shift in the approach that people take to protect their passwords? The survey might reveal exactly that.