Maximising your password vault security

Following on from my previous post, here are my tips to making the best use of a password vault on your PC:

  • If your vault has a password generator, use it on all future passwords and over time replace as many existing passwords as possible
  • Use a strong password for any vault Internet accounts
  • Use a different and highly secure password for local vault encryption
  • Learn all the features in the tool and how to make use of them
  • Install the vault on all frequently used devices

Finally, always use two factor authentication on critical accounts even if they are managed by the vault. At a minimum ensure a second factor is used on all email accounts.

The caveat for all of the above is do so only if it meets your requirements and risk assessment. Security is not a continuum of improvement, but a scale whose tipping point is usability.