Password vaults offer a lot of benefits by allowing you to set long, complex passwords, and only requiring you to remember a single master password. However, the biggest drawback with using password vaults is that if the vault is breached (as we've seen happen recently), then all of your passwords are at risk of compromise.
What if there was a way to use a password vault and protect your passwords from these breaches? Well, there is! Let's take a look.
Mitigating the Biggest Risk of Password Vaults
The way to mitigate the risk of password vault compromise is to have a piece of each password that is not stored inside your vault. You can do this by adding a word (or even a single letter) to the end of your stored passwords. By doing this, you would have a long, complex password stored in your vault and the extra word or letter to the end, that is not stored in the vault, makes it that much more secure.
Example
So, let's say you are using the password "Spring2024!" (I know – not a very strong password) and you have it stored in your password vault. What you can do is change your password and add something extra to the end. For example, let's use the word "safe". When you update the password, you change it to "Spring2024!safe".
Make sure you do not save this updated password in your vault. So, your new password is "Spring2024!safe", but your password vault still just has "Spring2024!" stored. That way, even if your entire password vault is compromised, the bad guys would not get your actual password.
For each of your passwords, you can use this same keyword added to all of them. Each of your passwords are still unique and are saved in your password vault, but using the same keyword added on to each password is much easier to remember. Think of it like a password for your password!
Implementing an extra keyword to your passwords does add an extra step for each login, so it is less convenient. But it provides a simple mitigating step against the biggest risk with using a password vault. Think about the trade-off between security and convenience to decide if this suggestion will work for you.
Additional Security Tips for Password Vaults
Set an extremely long and complex master password
Since your passwords are in a centralized place, it is vital to secure it from unauthorized access. Some password vaults base their encryption on the master password, so creating a stronger one strengthens the security of the vault.
Enable multi-factor authentication to access your password vault
This further protects your vault from unauthorized access. Even if someone had your master password and tried to login to the vault, it would be much more difficult for them to get in if you had an additional factor setup.
Use the password generator functionality to set strong, unique passwords
This function uses random generated characters to create your password, which makes each individual password much harder to crack. Having unique passwords means that if one site is compromised, then an attacker couldn't use the same password to login to any of your other accounts.
Use the strongest encryption option available
Many password vaults have multiple settings for the vault's encryption level. Double-check these settings and update them to the highest option, if it is not already selected.
Conclusion
Password vaults are not perfect, but they can be more secure when you take a few simple steps. Use these tips and techniques to make sure your password vaults (and more importantly, the passwords they store) are protected.
If you'd like to take your systems' security to the next level, check out CoNetrix Security. With audits, penetration tests, and vulnerability assessments, CoNetrix Security can help you make sure your systems are secure. Learn more at CoNetrix.com/Security.