Password management apps have been around for decades.
There's 1Password, for example, which promises that you'll only need to remember one password instead of dozens or hundreds.
Also: Why you can still trust password managers, even after that LastPass mess.
The best products in the category offer passwordless options as an alternative to typing that master password to unlock your password vault.
In all those cases, the master password is still available as a backup decryption method.
That's where some people get nervous about entrusting all those secrets to a password manager.
If someone can steal your master password, they can take over your entire online existence.
My conclusion: There's a passwordless password manager in your future, but only technically sophisticated customers should plunge in today.
With those tasks out of the way, you can import your existing passwords and add new ones.
You now have a device that you can use to set up access to the password vault on other devices, with no master password required.
Most modern password managers store the encrypted password database in the cloud so that you can sync and share credentials across devices.
After setting up my passwordless Dashlane account on an Android device, I found it easy to set up other devices, including an iPhone and iPad, a MacBook Air, and multiple PCs running Windows 10 and Windows 11.
It turned out that the best way to activate my passwordless account was to save a passkey in 1Password using my current account on the Samsung device I started with, then attach that account to 1Password on the new device using its master password and secret key, and add the new account there.
Also: Beyond passwords: 4 key security steps you're probably forgetting.
The dealbreaker for me came when I tried to export my passwords from the new passwordless account.
1Password's beta app insists that you type a master password before it will begin an export.
When you have a passwordless account, the only way to access your passwords is to establish your identity with the help of a trusted device where you've already confirmed your credentials with the password management servers.
Without a master password, you don't have a fallback method to restore access to your encrypted vault.
Also: Stop using weak passwords for streaming services - it's riskier than you think.
If you're happy with your current password manager, it's not time to think about switching yet.
This Cyber News was published on www.zdnet.com. Publication date: Thu, 28 Dec 2023 22:13:05 +0000