In 2021, it took attackers an average of just two days to breach a company’s internal network. That process starts by puncturing the perimeter, which was done 71% of the time with compromised credentials.
Simple or duplicated passwords, combined with sophisticated phishing techniques, have allowed cybercriminals to wreak havoc on even the most well-defended organizations.
Passwarden is a password manager designed to help individuals and businesses alike protect their online accounts from being compromised. By storing passwords in an encrypted format and requiring two-factor authentication for login, Passwarden provides an extra layer of security to keep your data safe.
With the average person having up to 90 online accounts, it’s becoming increasingly difficult to keep track of strong, unique passwords for each one. I am as guilty as any when it comes to reusing the same password or just defaulting to simple ones that can be easily remembered (and guessed).
After experiencing one of these breaches personally – my usual password was compromised, causing me to have to change it in several places – I’ve been focused on finding a way to protect myself, even as I fall further and further behind in terms of technical expertise.
So I thought I would put Passwarden to the test, and find out everything I could about it.
Swapping one password for another?
When I first downloaded it, there was quickly a feeling of panic. It asked me to create a master password – was I just swapping one for another? I didn’t want to have to enter it every time, I thought that was exactly the problem it was supposed to solve.
Luckily, Passwarden had already thought of this and implemented biometric verification on the iOS app. It was also available on my Mac and the Android phone I use for work.
The master password is just required because it is the key to how the encryption works, making it unique to each user. The app then stores your passwords in an encrypted format, so even if the app were to be compromised, the passwords would be unreadable.
Avoiding big brother
I was willing to sacrifice some data privacy for password security, but it just so happens that I didn’t even need to worry. While every other app today seems to be constantly logging my location, IP address, and other information to sell it or target me with ads, Passwarden doesn’t.
It doesn’t log GPS data or login information, and the developers say they don’t even have access to my passwords. It does store the country code where I registered my account, but that’s it.
That’s important because even if the company were to be hacked, there wouldn’t be any customer data for cybercriminals to steal.
Dark web protection
I never wanted to know what the Dark Web was. That was something for hackers and criminals, not technologically limited people like me. But in 2019, more than 770 million emails were compromised in a massive data breach – including mine.
I went down a rabbit hole learning everything I could about the deeper parts of the internet, but it is still too complicated for me to know how to protect myself.
That’s part of what drew me to Passwarden in the first place – they offer Dark Web Monitoring. That’s a part of their security service that searches for your email addresses or passwords in major data breaches and lets you know if it has been compromised.
This isn’t something you’ll read about in the Times – this is the kind of service that only people who are worried about their online security know about.
Wait, you might be thinking “searches for your passwords?” Yes, that freaked me out too. If they were searching for your passwords, doesn’t that mean they have access to them? Turns out, no. Passwarden sends just a small part of the encrypted password to check, and it can’t be reverse-engineered by someone who intercepts it.
Private security detail
I know that the average user won’t understand all of the technical information but once you start looking into it, you’ll see how important certain things are. Passwarden uses client-side encryption, AES-256 and EC p-384 protocols, and two-factor authentication – all industry-leading techniques.
Whether you are completely lost when it comes to security jargon or you’re an IT manager with decades of experience, the suite of security options is impressive.
It also has something I’d never heard of before: Duress Mode. This is something that allows you to enter a dummy password if someone is trying to force you to open an account. It will appear as though it was unlocked and show some pre-selected information that you’re willing to give up.
I vowed to myself to find a way to better protect myself online, and I found it in Passwarden. But it wasn’t an easy leap to take. The best advice I can give is to try it yourself and see if it works for you.