Password managers: More necessary than ever

Categories: technology, linux

There are two kinds of people, those who have lost data and those who will.

It’s not a shock to know that remote work/school is starting to become the norm for many people. More and more of our interactions with our colleagues, coworkers, friends, and family are now taking place online. We are also sending and storing our private details on the internet more than ever before. We need to send hundreds of emails and attend several meetings each day because school and work demand so.

Privacy concerns are worsening. As our daily internet usage grows due to the ongoing pandemic, we are exposing our personal information to the internet, where nothing really goes away, unfortunately. Moving a big chunk of our daily lives online comes with a risk. Organizations are starting to migrate their services online, and while some of them have managed to adapt, others are struggling to keep privacy and security in their agenda. Forms that were once filled and signed offline are now being transmitted via email. I won’t be surprised if the number of data breaches rise from now on, as more and more important and sensitive stuff is being shared.

Too many accounts, not enough space in our brain

Communication and document sharing that took place offline is now done through several platforms and websites, and now we have the additional task of remembering unique, hard to guess passwords for each of these accounts.

Of course, that almost never happens.

Most people just use the same password for all of their accounts and don’t bother with anything else. It’s difficult to juggle with that many accounts. We forget our passwords, and we aren’t very good at generating good ones. We prefer the quick solution to just reuse a password, not realizing the risk of having the same one across many accounts.

Data breaches are more common than most people think. You can check out the Have I Been Pwned website to check if your accounts and information have been compromised. It’s scary to see that many accounts leaked, a number that is only going to keep increasing.

Use a password manager

Obviously if you care about online security you are using a password manager. Or maybe you have managed to survive in the internet with a low number of accounts.

The thing is, with more and more corporations, schools, organizations, and governments investing in online infrastructure in response to the pandemic, the number of accounts that we use to exchange information is only going to keep increasing.

Using a password manager is vital for the modern internet. For many, creating web accounts and passwords is a new thing, now that COVID-19 is forcing more and more people to work from home.

There are many password managers in the market that do an excellent job at keeping track of all your passwords, generating new, secure ones, and automatically filling login forms. These apps not only simplify the process of logging in, they also provide security against hacking.

Don’t rely too much on online services

Online services are nice. They give you the tools (sometimes for free) to get work done without downloading programs or going through the process of setting up a network for your organization. Is as simple as creating a new account and inviting people to collaborate.

Specially with schools, where some learning activities can’t be done through a simple video call or a shared document, web services provide specialized software to learn, share, play, and work together. Some online quizzes, puzzles, and games require users to sign in. Students will then have to create an account for each service, and keeping track of that many emails and passwords is just not feasible.

Online teaching is still new, specially for younger users, and there’s still a lot to do before online learning is consolidated as a form of teaching. The 2020 pandemic just shows how much there is to learn. A giant experiment with yet unknown results. Who knows, maybe online teaching is simply not possible, or maybe we are yet to find the correct method.

In short, try to stick to a few services that you are going to use constantly, and look for software that doesn’t require an account. Minimizing the number of platforms you use increases security and productivity.

pass, The Standard UNIX Password Manager

For Unix operating systems pass is a free, open source tool that does the job just fine. It keeps your passwords locally encrypted files, but you can easily copy them on other machines or drives. It’s very flexible and only requires generating a GPG key to encrypt the passwords, a fairly easy process.

Using pass is as simple as:

List all passwords:
$ pass

Show passwords:
$ pass email/domain.com

Copy passwords to clipbord:
$ pass -c email/domain.com

Easily generate strong passwords:
$ pass generate email/myschoolemail.org

Complete information on pass usage is available here.

Bonus: Automate (sort of) mobile logins

For Linux, here’s a small script that generates a QR-code that contains the password specified using pass, and displays such code using feh. You can use your phone to scan the code and retrieve the password from your computer.

Requires:

#!/bin/sh
# mobilepass.sh

qrencode -s 10 "$(pass $1)" -o - | feh -

To execute it:

$ ./mobilepass.sh email/domain.com