Why Password Managers Are Not the Solution

Why a Password Manager?

Password managers exist for two main reasons.

Firstly, to generate strong passwords and secondly so that you don’t end up using the same password on all your websites or apps that you frequent.

On the surface, that sounds like a pretty good idea.

Imagine you use the same password for a number of websites, then one of those websites gets hacked. The hackers will now try the same credentials on a range of sites. Oftentimes they will be able to successfully login because people don’t protect their stuff more than this.

The Problem

You are security conscious, so decide to use a password manager. Whether that be Google Chome Password Manager, LastPass, 1Password or one of the others. You setup a master password and start generating new passwords for all your sites. This sounds like a great idea, as now it’s very difficult for hackers to guess your password.

But what happens if they guess your Password Managers master password?

They then have access to all your sites passwords, 2factor codes, and can access everything you can!

While Password Managers sound like a great idea, I don’t think this is done quite right.

What do you think?