Image
Image
Standardize Login Page Links
The most common problem that I have come across with password managers is due to the fact that that there is no standardized login page format across the internet. Many times, a password manager will store the page location on which a password is set. This becomes a problem because the manager fills in the URL for the password reset page instead of the login link. Imagine how confusing that is to a non-technical person. Each time they try to use the automated link in their password manager to login, they are directed to the wrong page (the password reset page) rather than the login page. Most folks do not know the address of the login page for their Gmail account (https://accounts.google.com/) or Amazon account (https://www.amazon.com/ap/signin?_encoding=UTF8&openid.assoc_handle=usflex+300 additional characters!) Is it possible to make the login landing page as simple as https://www.<domainname>.com/login rather than some of the long, obscure addresses that exist?All Password Managers Are Equally Good
Another problem that is holding back adoption of password managers by the general public is caused directly by us. When someone asks “which is the best password manager?,” we should preface our response with “They are all good” before moving on to which one we like best. We can debate the individual problems with each product amongst ourselves (there is certainly no shortage of bickering about password managers in our community), but to make a public statement about the problem with any password manager is the same as damning them all. Unless you are employed by a particular password manager software company, there is no need to talk about how any single product is horrible. Is it more horrible than the current password security methods currently used by most of our friends and family?Password Managers Make It Fun to Answer Security Questions
Have you noticed how many sites ask the same security questions? You know, the ones such as “where did you go to elementary school” or “What is your father’s middle name”? How often have we seen breaches that were carried out using those all-too-easy-to-find-out answers? Gladly, many sites have started to allow the creation of your own question. A password manager lets you keep notes in which you can add ridiculous answers to any security question. Question: In what city were you born? Answer: Unicorn Island. Your friends may think you are crazy for suggesting that they answer those questions in such a cavalier fashion, but it also adds a sense of the hacker mentality to security questions, and people love the feeling of being on the cutting edge of technology with such a simple method. It has taken over a decade for people to start using biometrics, and it only became possible as the technology became easier to use. It may take as long for password managers to move into that zone of “people who know they should use a password manager.” However, it will only start if we make the technology easier and if we start acting as better cheerleaders. Then maybe we can start getting people to use two-step verification. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
