Do you use a password manager app to create, manage and store all of your passwords?
If so, you need to know that all password managers are potentially insecure and any vulnerabilities that arise could put ALL of your passwords at risk of being compromised at any time.
Why do I say this? Because of the evidence that keeps popping up from time to time.
For example, back in November 2014 a new kind of malware known as Citadel began attacking password managers, causing folks to have to scramble to prevent falling victim to an attack.
Then a year or so later KeePass users began receiving legitimate update notices from KeePass that unknowingly allowed malicious fake versions of KeePass to be downloaded in place of the real update.
Yet another vulnerability was discovered that affected the popular LastPass password manager. I won’t go into the details here, but you can read about it here if you’re interested.
Yes, I realize those are isolated anecdotes and that password managers are indeed safe and secure except in rare instances.
That being said, cases of humans getting struck by lightning are rare as well, but you still take every precaution possible to avoid getting struck by it when a storm passes through, right?
Sooner or later there’s going to be a major data breach and countless users of the affected password manager(s) are going to wake up to a living nightmare.
And here’s an issue that actually happens on a regular basis…
Have you ever had one or more of your passwords stolen or otherwise compromised via a data breach or successful phishing attempt? Yeah, me too.
Now, just imagine what would happen if hackers managed to get their hands on your password manager’s “master password”…
That’s right – they now have access to every password you use for every one of your online accounts!
The bottom line is this: In my opinion, using a password manager to manage and store all of your passwords is 1,000 times worse than putting all of your eggs in the proverbial one basket. Broken eggs can be replaced. Stolen passwords ruin people’s lives.
At their cores, password managers are nothing more than strings of computer code.
And like every other body of code ever written, they are susceptible to hacking attacks and simple programming bugs – either of which could potentially render your entire virtual and financial life at the mercy of hackers and scammers.
It’s true that the companies behind the most popular password apps take great care to keep their products up-to-date and patched against any vulnerabilities that are found, but when it comes to your passwords it only takes one successful breach to ruin not only your day, but literally your entire life as you know it.
This, in a nutshell, is why I will never use a password manager app. And I strongly recommend that you avoid them as well.
After all, why accept such a huge risk when there’s a very effective (and much safer) alternative?