Passwords play a crucial role in the security of our personal data online. As we need access data for many different online services and accounts these days, it can be difficult to keep track of all our passwords. To avoid falling into the trap of using the same password everywhere, it is advisable to use a password manager. This way, complex passwords can be managed securely.
A password manager is a piece of software that helps us manage our passwords. It is used to store our passwords centrally in one place instead of writing them down on different devices or in notebooks. At the same time, the passwords are synchronized between the devices. It encrypts our access data and enables us to create and store secure and individual passwords for each of our accounts.
A password manager offers various advantages:
A password manager usually works as a browser extension or as a standalone program. As soon as we want to log in to an online service or website, it fills in our access data in the relevant fields automatically or at the touch of a button. This saves us the hassle of typing in our login details every time we visit.
Passwords are stored in a vault that is either stored locally on our device or in the cloud. The vaults are always encrypted to ensure the security of our sensitive data.
Yes, a password manager allows us to securely store both our usernames and passwords. This way, we have all our login details in one place and can access them at any time. It also makes reference to which domain (e.g. email account) or app the credentials belong to.
Two-factor authentication is standard for protection against hackers. This is why the second factor can be stored in the vast majority of tools. This helps to provide you with the best possible protection against brute force attacks. In brute force attacks, an attacker tests random character sequences to guess the password. This is no longer possible with the second factor.
The security of our passwords in a password manager depends on the security architecture of the respective program or online service provider. It is advisable to choose a password manager that offers strong encryption and additional security features such as two-factor authentication. This way, we can protect our passwords from potential attacks by hackers and malware.
A master password is the password we need to gain access to our password manager and our stored passwords. It is crucial to choose a strong and memorable master password as this provides an extra layer of security and protects access to our passwords from unauthorized access.
Even more complex passwords can be cracked, given enough time and computer resources. So-called brute force attacks are used for this, where thousands of passwords are tried out. The second factor protects against this. An SMS is sent to the mobile device or a constantly changing code is generated in an app.
As any software or plugin can have a security vulnerability, providers are constantly working to further develop the software and make it more secure. To benefit from these updates, you need to update your software and browser plugins regularly.
When choosing a password manager provider, pay attention to their certifications. ISO certifications in particular underline the commitment to security and quality. In particular, the ISO 27001 standard guarantees proven security practices and processes.
We recommend that you host your passwords on Swiss servers operated by a Swiss company. Switzerland stands for strict data protection laws and practices that ensure the security of your personal information. By hosting in Switzerland, you retain control over your data as it is not subject to the same legal uncertainties as in other countries.
There are a variety of password managers on the market. Most of them are similar in terms of functionality and security. However, there is a significant difference in terms of transparency through open source and digital sovereignty through self-determination of where the tool is hosted, i.e. operated. Below is a selection of well-known solutions.
Vaultwarden is characterized by its excellent security and open source nature. With strong end-to-end encryption, you can store your passwords securely. The cross-platform availability and the fact that you can also share passwords make Vaultwarden particularly attractive.
KeePass is also open source and offers a high level of security. You have full control over your data and there is no dependency on the cloud. However, this is also a major disadvantage, as your passwords are stored locally and are no longer available if you lose your computer.
LastPass is characterized by its user-friendliness. It offers a wide range of functions and enables convenient password sharing. LastPass is not open source and cannot be operated in a sovereign manner. There have also been data protection concerns in the past.
Dashlane offers user-friendly functions and practical password monitoring. Dashlane is also not open source and cannot be operated in Switzerland.
1Password impresses with its excellent user guidance and offers many extras, especially for macOS users. Unfortunately, however, 1Password is neither open source nor hostable in Switzerland.
You can manage passwords at Open Circle with the open source solution Vaultwarden. We offer this as a password manager solution.
Who knows it too? 123456, the date of birth or simply entering test as a password. You want to change it later to a secure password, but then it remains permanently. It is obvious that these examples are insecure. But what makes a password secure?
A secure password is characterized by its complexity and uniqueness. It should consist of a combination of upper and lower case letters, numbers and special characters. In addition, it is advisable not to include any obvious information such as our name or date of birth in the password. Basically, the longer the better. We recommend at least 12 characters.
It can be challenging to remember complex passwords, especially if we use a unique password for each of our accounts. We recommend creating passwords that are not memorable. If you use a password manager, complex and long passwords can be easily saved and filled in.
Changing passwords regularly was a common security practice for a long time. Today, however, there are some arguments against it:
The security of passwords in a password manager depends on the security architecture of the program. If we choose a trustworthy and well-rated password manager that offers strong encryption of data records and additional security features such as two-factor authentication, we can keep our passwords safe and secure.
If our device is stolen, the thief must first gain access to your computer. If they manage to unlock the PC, we should make sure that we use a secure master password for our password manager. This will make it more difficult for the thief to access our stored passwords. A second factor makes this virtually impossible. The good thing is that since passwords are not stored locally, you can also access them from another computer
In the event that you have locked yourself out of your account and are no longer logged in to any computer, you can protect yourself. Many password managers offer the option to export emergency tokens. You can usually do this in the administration area with just a few clicks.
We are convinced that storing your passwords in Switzerland, i.e. digitally sovereign, and transparency through open source are very important. Take a look at our password manager, which meets all these requirements. You are also welcome to arrange an appointment with us and we will explain the benefits to you in person.
Our recommendation is clear: use a password manager to securely store your passwords and synchronize them between your devices (including mobile devices). You can use it to save complex passwords without having to remember them. This also means you no longer have to use one password for several services.
The range of solutions is huge. It’s worth taking a look at the details. We recommend the digital sovereign password manager Vaultwarden, which we offer as a password manager solution.