What is a password manager?

What's coming up?

In this activity, you’ll find out what a password manager is and how it can help you keep your passwords organised and secured. You’ll learn about Master passwords and how to make one that is easy to remember but also secure.

Start activity
Close lesson
You have completed 0%

Introducing password managers

When you have lots of passwords to remember, it’s often safer and more secure to let a special kind of software, called a password manager, look after them for you.

A password manager with a number of locks surrounding it
A password manager managing passwords across a number of browsers

What is a password manager?

There are two main kinds of password manager. Most web browsers have a password manager built-in. Every time you create a new password, the browser offers to remember it for you. Some even offer to create the password for you, too. But this only works with that particular web browser.

The second kind of password manager is a separate app installed on your computer or device. It doesn’t need a particular browser to work, and some can even manage passwords for other apps.

How a password manager protects your passwords

You can think of a password manager like a traditional keychain, with each individual key a different password for a different app or website.

Your collection of passwords is protected by a Master Password which you use to sign in to your password manager.

Then, each time a website asks for a password (for example, your supermarket, some banks, or even my.gov.au) the password manager provides the password automatically. You don’t need to remember it, or type it in.

A password manager displaying a number of saved passwords
A password manager suggesting a strong password to its user

Password managers can make passwords for you

When you join a new website and need to make a new password, or even want to change an old password, you can let your password manager create this for you.

You can choose a password in the password manager’s app, or let it computer-generate a password.

An icon of a padlock

eSafety tip

Unless a website says otherwise, it’s safest to let your password manager computer-generate passwords for you. These passwords, which look like a random sequence of numbers, letters and symbols (for example, A4cre~3wx09q1) are virtually impossible for humans to guess, and very difficult for password-cracking programs to break into.

Banks, government websites, and some other websites, may generate your password automatically. Your password manager can still remember this password, and it is safe to use this password.

Extra security beyond the master password

Your password manager is protected by a master password, but most password managers also recommend that you set up extra steps to sign in, for additional security.

These steps are called multifactor authentication and involve a few simple extra steps after you enter your master password.

Multifactor authentication in action
Multifactor authentication used on other websites

What is multifactor authentication?

Multifactor authentication (MFA) is a catch-all term for an extra step of verification after entering a password. It might also be called Two-factor authentication, or 2FA.

Common examples of MFA include nominating a mobile phone number, which will receive a code each time you need to sign in to your password manager. Or you might get this code using a separate Authenticator app.

alt-text

eSafety tip

Some paid password managers provide tighter MFA security, in the form of a USB key. This is a small device you plug in to your computer. Each time you sign in, you push a button on the device, and it sends a unique code to authorise your master password.

How a password manager saves your passwords

Your password manager includes a cloud account, and all your passwords are backed up to that account. This lets you access them from any device, as long as you know your master password.

For security, the master password is not backed up to the cloud.

You can learn more about the cloud in the What is the cloud? course.

Passwords in a cloud being distributed to a range of devices
A list of saved passwords

Checking your saved passwords

Every password manager includes a dashboard or settings screen as part of the app, which you can use to view your saved passwords.

alt-text

eSafety tip

When a password manager saves your passwords to the cloud, the passwords are strongly encrypted so no one else can view them. All you need to remember is the master password.

A password manager makes it unnecessary to write down your passwords and store them. The only password you need to make a record of is your master password.

You should keep this master password in a safe place where nobody else can see it.

Paid password managers offer extra features

Some password managers ask for a monthly fee, usually around $6-12, and offer extra features. These features include a secure place to keep notes, and monitoring of your passwords to see if they have been compromised.

A password manager issuing an alert to its user

Well done!

This is the end of the What is a password manager? activity. You’ve learned the main features of a password manager and how it works.

Up next, find out about Free password managers, including those that come with your web browser.

An unlocked lock with a key in it