Integrated Password Managers – Google Smart Lock

We are advocates of using a password manager to create, manage, and securely store the dozens (or hundreds) of unique and long passwords that we need to be using these days.  For many people, password managers can seem difficult to set up and a bit of a hassle to use.  The good news its that there are two easy and built-in alternatives, Google Smart Lock and Apple iCloud Keychain.  Today we will look at Smart Lock.  On Friday we will explore Keychain.

Google Smart Lock works with Android phones, the Chrome browser and apps, and with Chromebooks.  It works by capturing your password you enter on your device, and store them in encrypted form in the cloud.  Then when you return to a website or app, Smart Lock fills in the user and password information for you.

Smart Lock does not have all the features that a full-fledged password manager will have, but it is pretty much set up for you by default.  You may be using it already without knowing it.  I took a look passwords.google.com and found out I already had a bunch I wasn’t aware of myself.  While I was there, I turned Smart Lock on.  Go and do likewise.

Previously, if you had asked me if it was safe to let a browser remember your passwords for you, I would have answered “no.”  In the specific case of Chrome, I would change that answer to a qualified “yes.”  Just remember, if your device is lost or stolen, and the finder or thief can start or open it without a password or passcode, they will be able to log in to all your saved sites, as your user name and password will autofill just as easily for the stranger as for you.  That’s why all my devices are password protected at startup.  Yours should be too.

More information:

 

0

About the Author:

Cybersecurity guru to business owners in the St Paul, Minneapolis, and western Wisconsin area. Computer security and hacking have been a passion of mine since I entered the computer and networking business in 2000. In 2013 I completed a course of study and certification exam to become a Certified Ethical Hacker (CEH). In 2016 I was certified as a Certified Information Systems Security Professional (CISSP). As Senior Cybersecurity Engineer at Computer Integration Technologies, I help our clients experience high levels of computer security, network security, and web site security. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also provide Cybersecurity Awareness Training for clients and their employees. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. The views expressed on this Web site are mine alone and do not necessarily represent the views of my employer.

Add a Comment