Why are password managers considered good security practice when they provide a single entry for an attacker to get all of your credentials?

1.61K viewsOtherTechnology

Why are password managers considered good security practice when they provide a single entry for an attacker to get all of your credentials?

In: Technology

38 Answers

Anonymous 0 Comments

A benefit that hasn’t been mentioned – it’s difficult to be phished with a password manager.

Let’s say I receive an email that directs me to paypa1.com, with a convincing replica of PayPal’s interface that prompts for credentials.

Without a password manager I would go ahead and type my username+password into the dodgy site without a second thought.

A password manager will prompt to fill credentials based on the domain being visited. It won’t recognise paypa1.com as matching any of the passwords in its database, so it won’t prompt to fill them in. Working around this requires me to manually find the site in my password manager (a red flag) and copy-paste the password in manually.

You are viewing 1 out of 38 answers, click here to view all answers.