Password Management Software:
Password Management Software is a software that is used to store, generate, and manage personal passwords for online services. As the passwords are stored in an encrypted database, a password manager software will be able to provide assistance in generating and retrieving complex passwords.
Types of Password Management Software:
There are three types of password management software that include: Locally installed software, Web-based services and Token-based hardware devices.
The storage of encrypted database depends on the type of password manager used and the functionality offered by its developers. It can either stored locally on the device of the user or remotely through an online file hosting service.
Typically the software require a user to generate and remember one master password to unlock and access any information stored in their databases. Some additional capabilities are offered by many of the Password Management Software that enhance both convenience and security such as storage of credit card, autofill functionality and frequent flyer information.
Locally installed software:
The Password management software can be installed on the personal computer or mobile device of the user, in the form of a locally installed software application. These applications can be offline or online. The password database is stored independently and locally on the same device as the password management software in offline mode while the password database is dependent on an online file hosting service and stored remotely in online mode. However, the online mode requires a cloud based approach and is handled by password management software installed on the device of the user. There is no risk of leakage of data due to the network in offline mode as it do not require Internet permission. Thus, a fully offline password management software is more secure, but may be much poor in convenience and functionality than an online one.
Web-based services Password Management Software is a web-based version of more conventional desktop based Password Management Software that securely stores login details. The advantages of online Password Management Software over desktop based Password Management Software are:
- Portability which means the software can be used on any computer with a web browser and a network connection, without the need to install software
- There is a reduced risk of losing passwords through theft or damage to a single PC . However, the same risk is present for the server that is used to store the users passwords. But, in both cases this risk can be prevented by taking secure backups.
The user trusts the hosting site and a keylogger is not on the computer they are using in online password management software which is the major disadvantage. The way of authentication into the online service and the passwords stored in the encrypted form with a user defined key are most important for saving it from any kind of cyber attacks. To provide a solution for this, some online password management software distribute their source code which can be checked and installed separately.
Token-based hardware devices:
Token-based hardware device is a type of Password Management Software where a locally accessible hardware device, such as smart cards or secure USB flash devices, is used to authenticate a user in addition to a traditional text based password. Usually, the data stored in the token is encrypted to prevent probing and unauthorized reading of the data. Software loaded on the PC along with hardware such as smart card reader and drivers are still required for some token based system to properly read and decode the data. It provides multi-factor authentication as the credentials are protected using a security token. This feature is provided by combining a mobile application that generates rolling a Token similar to virtual smart card, smart card and USB stick/ PIN or password/ biometrics such as a fingerprint, hand, retina, or face scanner.