What a mess: passwords. We have now reached the point where even the most imaginative ones they have devised themselves no longer offer safety. Computers are smart enough to crack ‘human’ passwords in an instant. And it is also out of the question to use the same password on multiple sites. A password manager and generator such as mSecure, for example, is now mandatory.
A password manager is an app on your mobile, a program on the PC or a service running in the cloud. The latter variant is of course always the least secure choice, because it still regularly occurs that services are hacked. We just assume that with a cloud-based password manager everything is fine in terms of security, but still. In short: preferably choose a locally running password manager and possibly make backups of the database that arises after a while. Of course, that backup must be securely encrypted with a strong password. mSecure is a typical password manager available for both mobile platforms and the desktop. To be precise iOS/iPadOS, Android, Windows and macOS. In fact, the program is a database where the data is firmly encrypted with a password. Choose a strong password, but that will be the only thing you need to remember from now on!
mSecure
A password manager – we focus on mSecure in this article, but there are several – is an app in which you can store all your privacy-sensitive things. Think of the login details for a website or cloud service, a copy of your passport, credit card, debit card and so on and everything else ‘for your eyes only’. At the same time, mSecure offers the possibility to generate basically uncrackable passwords. They are all unmemorable, but that’s not a problem. You simply log in with that one master password from mSecure (if your hardware supports it, this is also possible with, for example, a fingerprint or facial recognition), after which you copy and paste the necessary data. In the case of iPadOS, for example, mSecure (and that goes for most up-to-date other password managers too) is integrated into the operating system in such a way that you can quickly designate mSecure as the source for your passwords whenever login credentials are requested.
Passwordless login
In principle, the operation of mSecure is – fortunately – very simple. When you first launch the app you will be guided through the process of saving a master password. You are supposed to remember that extremely well. Without it, you’ll never get to your (no doubt rapidly growing) database of stored data. If you ever lose that master password, there’s no sweet mommy to ever help you again. Very important to realize that! Once you’ve set up a master password, the fun can begin. We’re going to work with the iPadOS version, but all variants work about the same of course. Once logged in with your master password, it is useful – if you have not already done so – to choose a fingerprint or face scan as the login method. Provided your device supports it, of course. To do this, in the iPadOS version, tap the button with the three bars in the top left of the screen, followed by a tap Settings. In our case we see there under the heading SECURITY a switch at the back Use Face ID. By turning it on, you can now log in to the app by means of a face scan. The only risk of this is that you will never enter your master password again, increasing the chance of forgetting…
backup
By default, a bit lower in the settings panel, the option to automatically back up to iCloud is also on. We advise you to leave it that way. If something ever goes wrong with your device, at least you’ll always have your database on hand! Plus, it’s safe, as the backup is securely encrypted and protected with your master password. In our opinion, it is therefore wise to leave the rest of the settings – certainly in the beginning – at the default values. You can always fine tune if you know exactly what you are doing.
Add items
mSecure is a classic example of a database in terms of usage. You can create items under various categories. To create a new item, first tap the + at the bottom of the list with any data already present. Choose a category (after tapping more … you see a whole laundry list; you can also add categories yourself). In our example we go for classic: the Login.
Generate a strong password
You will now see a panel where you can fill in the requested fields. You don’t have to enter everything, but a title for the item, the possible URL of the website or the IP address of something like a router, account name and password are more or less necessary. If you already have a password for a certain service, then it is important to take a critical look at it. If that’s still something like ‘Mercedes2010’, then it’s time to replace it with a secure password as soon as possible. In that case, tap the die and a strong password will be automatically generated for you. You can adjust the length and structure of that password by tapping the gear. A single – often somewhat older – website or device can sometimes not handle ‘crazy’ characters like {, @ or #. You can exclude them here with the relevant switch. But above all, use a mix of everything if your service allows it, which will only result in a more secure password! And a character or fifteen in length is no longer an unnecessary luxury.
Retrieve login details
Furthermore, you can add extras Attachments (think of a photo or something similar) and notes under Notes. Tap Save to save the item. From now on you will find it in the list of saved items. If you want to log in to your NAS with a now firmly password-protected NAS, you can now retrieve the login details from mSecure. As promised, this can be done almost automatically, especially after a while when the database gets filled. Go to a site or IP address in your browser where a login screen appears. At the bottom of the screen you will see a bar with the text Passwords; tap that text followed by a tap mSecure.
After logging in (with, for example, a face scan) you often quickly see a suitable suggestion. Or – and that will certainly be the case in the beginning when there is little left of stored account data – you have to tap an item from the list yourself. After that, username and password are automatically transferred to the appropriate fields in your browser. You can also ‘manually’ transfer data from mSecure, if you need to or if you prefer. Open mSecure issue, log in there, open the respective item and tap the field under e.g. Password, followed by a tap copy. You can then paste the password (or any other part of a saved account) into your browser – just as for example.
Grind your master password!
As mentioned, most password managers will work in a more or less similar way. The bottom line is that you can’t live without it these days. Once you have a password manager up and running, change all duplicate passwords, weak ones, or very old ones that have never been updated immediately. You leave that generation to – in this example – mSecure. The more complex the password, the better. You never have to remember it again. What remains is that master password. If you’re afraid to forget that, you can write it down somewhere of course. But then in a place that is really untraceable by the average malicious person. If your master password is ever stolen, it is important to change it immediately. If you only discover the theft or loss of (for example) both device and master password after a while, then you should of course also change all passwords stored in mSecure immediately.
.