Blog

What Is a Password Manager? Answered

Sep 6, 2024

•

Min Read

Protect Your Payments

Managing numerous online accounts often leads to a challenging dilemma—how to keep track of multiple passwords while ensuring they remain secure. To solve this problem and reduce the risks associated with weak or reused passwords, many consumers have turned to password managers. But what is a password manager?

In this guide, we'll explore what kind of tool it is and how it safeguards your online accounts. You'll also discover virtual cards and how they can help you protect your sensitive financial details during online transactions.

What Is a Password Manager, and How Does It Work?

An illustration of a hand reaching toward a password field on a laptop, with an open padlock next to the field — *Source:* *Mohamed_hassan*

A password manager is a type of software designed to store and manage passwords securely. Instead of relying on memory or writing down passwords, you only need to have the credentials that grant you access to the vault where your passwords are stored in a hashed or encrypted form.

When you want to log in to a website or app, the password manager fills in the username and password fields, reducing the need for manual entry. This also minimizes the risk of keyloggers stealing your info as they can track, record, and transmit keystrokes to cybercriminals, aiding password theft.

Besides storing passwords, some password managers offer secure storage for other sensitive information like credit card details, notes, and personal identification numbers (PINs). In some password vaults, you can also store photos and important documents.

Types of Password Managers

Four common types of password managers are:

Browser-based password managers
Cloud-based password managers
Offline password managers
Device-based password managers

Browser-Based Password Managers

Browser-based password managers, integrated into browsers like Google Chrome, Mozilla Firefox, Microsoft Edge, and Opera GX, provide an accessible, entry-level solution for managing passwords. They can save login details when you sign in to websites, and you can access them on any device that has the browser installed.

While convenient, these managers typically offer fewer advanced features than standalone password managers and may lack strong encryption or other recommended features like data breach monitoring.

Setting up a browser-based password manager normally involves these steps:

Open your browser's settings or preferences
Navigate to the Passwords or Autofill section
Enable the option to save and sync passwords
Enable additional authentication methods if needed

Cloud-Based Password Managers

Cloud-based password managers, such as LastPass, Dashlane, and 1Password, store credentials on online servers, allowing you to sync your passwords across multiple devices, operating systems, and browsers.

These password managers often employ advanced security methods, such as high encryption standards and passwordless access. Some of them also provide additional helpful features, such as secure password sharing and password health audits. Cloud-based password managers are a good choice if you regularly switch between devices and want the convenience of accessing your vault anywhere.

Setting up a cloud-based password manager typically involves:

Downloading the software or app from the official website or app store
Creating an account with a valid email address
Setting up a strong master password or a passwordless authentication method—some services offer PIN or biometric verification (fingerprint or facial recognition)
Adding your credentials manually or allowing the password manager to save them at login
Setting up additional security measures like multi-factor authentication

Offline Password Managers

Offline password managers do not store passwords on external servers— they keep all data locally on your device. However, they require manual backups to ensure data isn't lost in the event of device failure.

Offline managers are particularly favored by security-conscious individuals and organizations that prefer complete control over their data. It's worth noting that some cloud-based managers, such as Keeper and RoboForm also offer offline features for added flexibility.

You can set up an offline password manager by following the steps below:

Download the software.
Install and configure the software to store credentials on a local drive or external storage device.
Create a secure master password to access your local vault.
Import your credentials.

Device-Based Password Managers

Device-based password managers, such as Apple's iCloud Keychain, Samsung Pass, and Windows Credential Manager, are either built into the operating system or integrated into larger product ecosystems:

iCloud Keychain securely syncs credentials across Apple devices using end-to-end encryption.
Samsung Pass lets you store credentials on Samsung Galaxy devices and computers running Windows.
Windows Credential Manager helps you manage local and network login details on Windows computers.

These solutions offer seamless integration with the operating system but may have limited cross-platform compatibility compared to standalone password managers.

Device-based password managers usually come with the operating system, so they don't need to be set up. You might need to enable them, however—here's how to do it with iCloud Keychain:

Go to Settings on your iPhone, iPad, or Mac.
Tap on your name, then iCloud.
Select Keychain and toggle it on.

Close-up photo of a black keyboard with a fingerprint on the enter key — *Source:* *TheDigitalWay*

Features To Look For in a Password Manager

While basic password management is essential, you might also seek additional measures and features to enhance security and simplify password-related activities. For example, you could look for password managers that employ zero-knowledge architecture, which means the service provider can't access your sensitive details, including your passwords.

Here are some features to consider:

Feature	Description
Password generation	Most password managers allow you to generate complex, random passwords, ensuring that you don't rely on weak or easily guessable passwords.
Secure sharing	Some managers allow you to securely share login credentials with trusted contacts.
Breach monitoring	Some services, like Bitwarden, include dark web monitoring. This feature scans databases for exposed credentials and alerts you if your data is compromised.
Emergency access	Some managers provide an emergency access feature, allowing trusted individuals to access your vault in an emergency. This feature typically includes rules that only grant access under certain conditions.

Are Password Managers Secure Enough?

Password managers can be effective in protecting both your credentials and payment card details, but their security measures have a limit. While some features, like breach monitoring, can help you react quickly if your passwords are compromised in a security breach, your financial information is still at risk of being stolen.

Fortunately, there's a different form of protection that lets you secure your payment card numbers and make online purchases worry-free—virtual cards.

Virtual cards are randomly generated card numbers you can use at checkout, shielding your actual financial information from potential hackers. While financial institutions like Capital One^® and American Express^® offer virtual card services for secure online purchases, independent providers like Privacy offer customizable features in addition to enhanced security.

An image of a person touching a digital interface with an icon of a fingerprint and the word "SECURITY" prominently displayed — *Source:* *geralt*

Privacy Cards Help Protect Financial Information

Founded in 2014, Privacy is a BBB-accredited virtual card provider that enhances the security of your payment card details when used online. Connecting your bank account or debit card to Privacy lets you generate virtual cards for your online transactions, ensuring your actual financial information isn't stored on merchant servers.

As a PCI-DSS-compliant service provider, Privacy adheres to the stringent security standards typically used by banks. For example, Privacy employs AES-256 encryption to secure sensitive information, minimizing the risk of data exposure. The service provider also offers two-factor authentication (2FA), helping to reduce the chances of unauthorized access to your Privacy account.

Additional safeguards Privacy offers include:

Transaction alerts—You receive real-time alerts whenever your virtual cards are used or declined, keeping you informed of all activities.
Regular system audits—Privacy undergoes regular security audits by third parties to ensure compliance with the latest industry standards and security protocols, providing robust protection for your data.
Adherence to Open Web Application Security Project (OWASP) guidelines—The company follows OWASP best practices, helping ensure that all code is peer-reviewed before deployment. This proactive approach helps prevent vulnerabilities in the system, ensuring a consistently high level of data security.

Privacy Card Types

With Privacy, you can generate three types of virtual cards:

Card Type	How It Works
Single-Use Cards	These cards deactivate shortly after a transaction, becoming useless to potential hackers. You can use them for one-time purchases or transactions with unfamiliar vendors.
Merchant-Locked Cards	They "lock" to the first merchant you transact with and can't be used anywhere else. You can use these cards for recurring payments, such as Google One, Netflix, and Disney Plus subscriptions.
Category-Locked Cards	These cards are restricted to purchases within designated merchant categories. They can be ideal for managing spending for specific types of products or services, such as health & wellness, dining, or entertainment.

Privacy allows you to set spending limits. Any transaction that exceeds the set limit will be automatically declined, protecting you from excessive charges by vendors. You can also pause or close your Privacy Card anytime, and Privacy will block any further charges.

A cropped photo of a person using a laptop while holding a payment card — *Source:* *rupixen*

Convenience Features

To provide a streamlined experience when transacting online and simplify how you manage virtual cards, Privacy offers these features:

1Password integration—Manage your Privacy Virtual Cards and your passwords directly within 1Password's browser extension.
Privacy App—Use the mobile app to generate, manage, and control your virtual cards from your iOS or Android device, ensuring secure and convenient transactions wherever you are.
Privacy Browser Extension—Install the browser extension for Google Chrome, Firefox, Microsoft Edge, Safari, and Safari for iOS. This feature provides quick access to your virtual cards while shopping online, autofills payment details, and simplifies the transaction process.

How To Get a Privacy Card

To join Privacy, follow these four steps:

Register
Complete the identity verification process
Add a funding source for your Privacy account
Request your first Privacy Card
‍

Depending on your needs, you can choose from the four plans Privacy offers:

Plan	Price	Features and Benefits
Personal	Free for domestic purchases	Up to 12 virtual cards per month Secure Merchant-Locked & Single-Use Cards All card controls Access to the mobile app and browser extension
Plus	$5 per month	Everything in Personal Up to 24 new cards per month Priority support Live Chat (Mon–Fri, 9 a.m.–5 p.m. ET) Category-Locked Cards Custom card notes Shared Cards
Pro	$10 per month	Everything in Plus Up to 36 new cards per month Get 1% cashback on eligible purchases (up to $4,500 per month) No foreign transaction fees
Premium	$25 per month	Everything in Pro 60 new cards per month

Privacy — Seamless & Secure Online Card Payments

Checkout securely online by creating unique virtual card numbers for every purchase. Avoid data breaches, unwanted charges, and stolen credit card numbers.