When people talk of privacy and security, a whole range of apps are discussed and checked/ scrutinized for issues related to privacy, security and vulnerabilities. But the category of app that is the single biggest risk (which knows every single character you type) often escapes the level of scrutiny that it truly deserves - the Keyboard app!
Likewise, a lot is said and written about password managers, and most of it are almost always positives. This is one app that is actually holding all your passwords - and therefore a very very big privacy and security risk! These apps not only know your password, but also any pattern that you may be using in creating passwords (if not using random passwords generated by such apps themselves). You are basically giving an unknown company all your passwords, as well as how your mind works in creating them. There have been security breaches in most reputed companies and millions of users have been affected by such security breach.
This post is not about security breaches. Instead, this is about the risks of you handing over your passwords to an unknown entity. Let's discuss what you do to secure your passwords and therefore your accounts.
Here's what I do:
1. All my banking (or financial) passwords are in my memory. I don't use password manager for this purpose.
2. I have enabled 2FA (two factor authentication) for pretty much all my accounts - email, cloud, social media, etc.
3. My password manager and 2FA apps are from different companies. This adds a layer of security to my accounts.
4. I don't use autofill service. Where required, I open the password manager, copy the password and then paste it in the password field. I do this for the following reasons:
I hope I have been able to explain the process.
What do you do to secure your passwords?
Likewise, a lot is said and written about password managers, and most of it are almost always positives. This is one app that is actually holding all your passwords - and therefore a very very big privacy and security risk! These apps not only know your password, but also any pattern that you may be using in creating passwords (if not using random passwords generated by such apps themselves). You are basically giving an unknown company all your passwords, as well as how your mind works in creating them. There have been security breaches in most reputed companies and millions of users have been affected by such security breach.
This post is not about security breaches. Instead, this is about the risks of you handing over your passwords to an unknown entity. Let's discuss what you do to secure your passwords and therefore your accounts.
Here's what I do:
1. All my banking (or financial) passwords are in my memory. I don't use password manager for this purpose.
2. I have enabled 2FA (two factor authentication) for pretty much all my accounts - email, cloud, social media, etc.
3. My password manager and 2FA apps are from different companies. This adds a layer of security to my accounts.
4. I don't use autofill service. Where required, I open the password manager, copy the password and then paste it in the password field. I do this for the following reasons:
- I don't want the password manager to have direct access to the password field.
- The passwords I save in the password manager are not the full passwords. My actual passwords are different (in that they have some additional/ missing characters) from the ones stored in my password manager. I add/ delete a few characters by following a certain methodology for each account somewhere in the passwords saved in the password manager. These characters (or string) could be added, for example, after a certain number of characters in the passwords stored in the password manager. Whatever logic or methodology is followed (which obviously I can't disclose; all i can say is it is unique and very unlikely to be forgotten), the resulting string of characters could be added after the 1st, 2nd, 3rd, and so on character in the passwords stored in the password manager, or they could occupy alternate places, or follow some other pattern. A similar exercise is followed if characters are deleted. Since there is a methodology followed, there is no way I can forget to arrive at the actual password. This way, I am able to use password managers to manage tens of accounts without actually giving them away to another entity.
- Copy-pasting passwords (or more correctly, partial passwords) also help in protecting against keyloggers, if present.
I hope I have been able to explain the process.
What do you do to secure your passwords?
Last edited:
My Computer
System One
-
- OS
- Windows 11
- Computer type
- Laptop
- Manufacturer/Model
- HP Envy dv7
- CPU
- Intel Core i7 3630QM
- Motherboard
- HP
- Memory
- 16 GB
- Graphics Card(s)
- Intel HD Graphics 4000 & Nvidia GeForce GT 635M
- Sound Card
- IDT High Definition
- Screen Resolution
- 1080p
- Hard Drives
- 1 TB Crucial MX500 on bay 1.
1 TB Seagate HDD on bay 2.
- Antivirus
- Windows Defender