Password vault : its potential for cybersecurity

Are you one of the 83% of Internet users who use the same credentials for several sites? If the answer is 011011110111010101101001, it means that it may be time to consider using a password “vault”.

Password “vault”, what is it?

By using a password “vault” or password manager, all passwords are secured. For example, it is possible to create unique and robust passwords for all applications, so you don’t forget them.

The main features of a password “vault”:

• Data storage in a digital “vault”
• Secure authenticationPrimary or secondary authentication Authentication allows a user to guarantee his or her identity before accessing a resource or service. Primary authentication will give user access to the workstation (Windows... More
• Password generation

Potential for cybersecurity

If there is no password manager, an Internet user tends to reuse the same credentials for each site he visits. In terms of cybersecurity, this practice is very risky. If the password is vulnerable, it can easily be stolen by malicious people who will have access to any applications that share this password. This is where a password “vault” becomes very useful. The user has to remember only a password. With this password alone he will be able to access the rest of passwords.

In addition to the practical reasons, the implementation of a password manager allows to meet most of the security recommendations relating to passwords recommended by the ANSSIAgence Nationale de la Sécurité des Systèmes d’Information. The National Cybersecurity Agency of France (ANSSI) is a French government organisation reporting to the Secretary General for Defence and National Security... More and, in particular, to prevent phishing. Phishing is a technique used by malicious people to obtain sensitive and personal data in order to usurp the identity of a target person. Using a password “vault” prevents phishing since an automatic authentication system cannot be lured by graphically related interfaces or websites.

Did you know?

There are some websites (e.g.: “Have I been pwned?”, “Have I Been Sold?”, “DeHashed”) that let you know if your personal data has been compromised or sold on the web. These sites list in a database, all data leaks that have occurred on the Internet. Thanks to a search engine, you can enter your name, first name, e-mail address, postal address, telephone number, etc. and check if these data are part of the database.

The password “vault” seems a priori to be the miracle solution to fight against cyber attacks. However, it is important to keep in mind that a password manager is itself unlocked using a so-called “primary” password. This password, which gives access to the rest of the passwords, must be complex but also memorable because it is the only password you will have to remember. A good password contains 14 characters, if possible composed of upper and lower case letters, numbers and special characters, which do not form a dictionary word or personal information. Its complexity must be sufficient and, on this subject, logic or intuition can easily be compromised.