If there is one thing that men and women never seem to learn in today’s technological environment, it is to take care of their passwords. They write them down everywhere and keep physical copies in obvious places. They come up with ridiculous passwords that are often the name of their pet.

Passwords are only as effective as the person who creates them. Password managers came along to offer a solution to the madness of writing down passwords all over the place and failing to keep up with them. Password managers share a lot in common with crypto, especially the storage methodology.

A password manager is a simple piece of software that both encrypts and saves your passwords in a single place, keeping you organized and the passwords accessible only to you. But the question remains: is a password manager a single point of failure? The answer is simple enough.

Are Password Managers a Single Point Of Failure?

Yes, password managers are a single point of failure. All it takes is a single breach and everything you have ever saved in your password manager, for every login, financial, personal, or otherwise, is compromised immediately. However, there are things you can do to make your password manager a lot more secure.

If you are not sure you can take that statement seriously, spend some time on Google going over password manager breaches in the past. You’ll find quite a lot. In fact, you can probably spend the better part of an entire night researching the topic and reading the history.

While password managers may be a single point of failure, you have to consider the alternatives, which aren’t great options:

  • Create a unique, strong password for every site you use and memorize them all.
  • Create a unique, strong password for every site you use and write them down on a piece of paper.
  • Use the same or some variation of an easy-to-remember password on every site and service you use.

You’re not going to remember loads of strong, unique passwords. It’s going to be a serious pain to carry around a notepad with all your passwords on it, and using variations of a weak or even strong password across all the sites you use is going to be way riskier than using a password manager.

At the end of the day, you have a choice when you create your password manager login information. You can come up with an extraordinarily complex password, which you should, and write it down (which makes your password manager vulnerable), or you can use a simple password (which makes your password manager vulnerable).

So, what are you supposed to do?

How to Lower The Risk Of a Password Manager being a Single Point of Failure

Two-Factor Authentication is aggravating, but it is growing in popularity. You should only use a password manager if your passwords cannot be accessed with a single username and password login.

You should have to log in, answer a secret question, and then wait for a secure code to be sent to your phone or personal email address. Once you access the secure code, you can input it and finally have access to your passwords. 
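The login flow described above, as an added Python sketch that is not from the original article or from any real password manager: the master password alone never unlocks anything, and the emailed or texted code is single-use and expires. The class name, the PBKDF2 settings, the 6-digit code and the 5-minute lifetime are all assumptions, and the secret-question step is left out to keep the sketch short.

```python
import hashlib
import hmac
import secrets
import time

CODE_TTL = 300  # seconds a delivered code stays valid (assumed value)


class ManagerLogin:
    """Hypothetical login gate: master password AND a one-time code."""

    def __init__(self, master_password):
        self._salt = secrets.token_bytes(16)
        self._pw_hash = self._derive(master_password)
        self._pending = None  # (code, expiry) of the code awaiting entry

    def _derive(self, password):
        # Slow, salted hash so the stored value is costly to guess against.
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode(), self._salt, 600_000
        )

    def start(self, password, now=None):
        """Step 1: check the password; on success issue a code for delivery."""
        if not hmac.compare_digest(self._derive(password), self._pw_hash):
            return None
        now = time.time() if now is None else now
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending = (code, now + CODE_TTL)
        # A real service would send this to the phone or email, not return it.
        return code

    def finish(self, code, now=None):
        """Step 2: unlock only with the pending, unexpired code (single use)."""
        if self._pending is None:
            return False
        expected, expiry = self._pending
        self._pending = None  # burn the code whether or not this attempt works
        now = time.time() if now is None else now
        return now <= expiry and hmac.compare_digest(
            code.encode(), expected.encode()
        )
```
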

Sure, it stinks. This is especially true when you are in a hurry and really need to access your passwords. Too bad. If you’re going to use a password manager, then you have to protect your passwords, especially when it comes to your financial login information.

Come up with a ridiculously complex password and put that thing in a safe. Do not let a separate password manager save your login password for your password manager. Your password should look something like this: 6428%$6HBYm6s53^*710-/4. End of story.

Bottom Line

Unless you opt for 2FA (Two-Factor Authentication), your password manager is essentially a single point of failure. If it only takes accessing your password to get into your password manager, that’s the very definition of a single-point failure, especially if your password is your dog’s name followed by its birthday.