0

Reading this article on the BBC titled: Password guru regrets past advice

It advises that people now use Password Managers:

It recommended that organisations abandoned a policy of pushing their users into regular password resets, and that they should support the use of password managers - programs that securely store hundreds of different logins, avoiding the need to memorise each one.

But I can't help but feel like storing all your passwords in one place which can be unlocked with a single master password leaves a single point of failure.

Essentially if someone got my master password they would have access to all my passwords stored in the password manager.

So my questions is should I use a password manager or should I just use different passwords on different sites?

User1
  • 3,041
  • 5
  • 23
  • 30
  • 2
    Possible duplicate of [A password manager a single point of failure. Then why is it so often recommended nowadays?](https://security.stackexchange.com/questions/152269/), [How safe are password managers like LastPass?](https://security.stackexchange.com/questions/45170/), [Password manager vs remembering passwords](https://security.stackexchange.com/questions/3458). – Steffen Ullrich Aug 09 '17 at 14:53
  • What exactly is a "Password Guru"? – Tom K. Aug 09 '17 at 15:01
  • 1
    Most password managers allow for a 2-factor authentication, requiring both something you know (the master password), and something you have (either your cell phone, or the computer the password database is stored on). That way if someone has your password, they still cannot log in without your hardware, and if they get your hardware, they still need your password. An attacker would need both to get access. – Unixmonkey Aug 09 '17 at 15:04

0 Answers0