Imagine we’re living in a small town. This small town isn’t like others, no, not at all. When we visit a shop, we have to provide a special key to prove that we are really who we say we are. We put the key in the lock on the front door, and the door either opens up and lets us in, or it simply ignores our key and we walk face first into a locked door.
The more shops we visit, the more shop owners have to know what our key looks like, since they need to make sure the lock allows the key to let us in. We are reusing the same key at all of these different shops, that way we only have to carry one key with us. Now every shop owner in town effectively has a copy of our key. The same key that we buy groceries with. The same key that we unlock our home with. The same key that we pay rent with. The same key we use to get into the office.
The safety of our key is only as strong as the weakest shop in town. If any one of those shops were to misplace their copies of customers’ keys, someone could find it and pretend to be us at any shop in town, at our office, in our home. Our whole identity, just waiting to be assumed by the lucky person who happens upon that copy of our key.
It’s really convenient for us, absolutely. But the risks are quite severe. Someone could walk into our bank, pretending to be us, and drain our account. They could walk into our office and steal company secrets. They could walk into our home, sleep in our bed, eat our food.
What if we carried a keyring instead, and had different keys for every shop?
Imagine the same small town, but now we’ve invested in a keyring that we carry with us everywhere we go. When we aren’t using our keyring, we keep it in a special vault that keeps it safe for us. We can unlock that vault with a key that only we have — though remember, the vault has to know something about the key in order to make sure we’re really who we say we are.
Each time we visit a new shop, we add a new key to the keyring. That key gets labeled with the name of the shop, and our keyring is smart enough to automatically give us the right key when we visit that shop. We don’t have to fiddle with the keyring to find the right key, and we know that only this shop knows about this key.
Now, our keyring is as safe as our vault is, as long as we keep our secret key safe. But no other shop in town knows what our key looks like, and the vault has a bunch of specialized security designed to make it as hard as possible to get into. Even if a shop were broken into, our risk would be limited to the key that we only use to enter that shop.
A common concern I’ve been met with while making security suggestions to friends and family is that they worry about the risks of putting all their eggs in one basket. “Won’t that just make it a target?”
At first it does seem counterintuitive to put all of our sensitive information into one place. If that place were compromised, we’d face a huge amount of risk. And in some ways this is true — it would be safer to keep our 2FA codes separate from our passwords, for instance.
But information isn’t eggs. We don’t use information the same way we use eggs. When we reuse a password across every site we sign up for, we’re handing out copies of the same key to every shop in town. The safety of that password is only as strong as the least careful shop that holds a copy. And shops get broken into all the time.
So yes, using a password manager is sort of like putting all of our eggs in one basket - or maybe two or three baskets. But then we put those baskets in Fort Knox and let Fort Knox protect them for us. Fort Knox can certainly protect our eggs much better than Uncle Vincent’s Video Rental can.
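To make the keyring-in-a-vault idea and the "least careful shop" argument concrete, here is a small model written for this post (it is not code from the original article or from any real password manager): a vault that only hands out a shop's key after the master secret checks out, random per-shop keys labelled by shop name, and a blast-radius count showing how many doors one leaked copy opens under reuse versus under a keyring. The shop names, the reused password "hunter2", the master secret and the PBKDF2 work factor are all constructed for the demo; a real manager would also encrypt the ring at rest, which is left out here.

```python
import hashlib
import hmac
import secrets

# Constructed demo: a "keyring" (password manager) model. Per-shop keys are
# random and labelled by shop name; the ring lives in a vault gated by a
# master secret that is kept only as a salted PBKDF2 hash, never in the clear.
PBKDF2_ROUNDS = 200_000  # assumption: a modest work factor for the demo


class Vault:
    def __init__(self, master_secret: str):
        self._salt = secrets.token_bytes(16)
        self._check = hashlib.pbkdf2_hmac(
            "sha256", master_secret.encode(), self._salt, PBKDF2_ROUNDS)
        self._ring: dict[str, str] = {}  # shop label -> that shop's key

    def _unlock(self, master_secret: str) -> None:
        candidate = hashlib.pbkdf2_hmac(
            "sha256", master_secret.encode(), self._salt, PBKDF2_ROUNDS)
        if not hmac.compare_digest(candidate, self._check):
            raise PermissionError("vault stays locked: wrong master secret")

    def key_for(self, master_secret: str, shop: str) -> str:
        """Hand over the key labelled with this shop, minting one on first visit."""
        self._unlock(master_secret)
        if shop not in self._ring:
            self._ring[shop] = secrets.token_urlsafe(24)  # unique per shop
        return self._ring[shop]


def shops_opened_by(leaked_key: str, locks: dict[str, str]) -> set[str]:
    """Blast radius: which shop doors accept a key leaked from one shop's copy."""
    return {shop for shop, key in locks.items() if hmac.compare_digest(key, leaked_key)}


def compare_blast_radius(shops: list[str], breached: str) -> tuple[int, int]:
    """Return (doors opened with one reused key, doors opened with a keyring)."""
    reused = {shop: "hunter2" for shop in shops}  # constructed reused password
    master = "correct horse battery staple"  # constructed master secret
    vault = Vault(master)
    ring = {shop: vault.key_for(master, shop) for shop in shops}
    return (len(shops_opened_by(reused[breached], reused)),
            len(shops_opened_by(ring[breached], ring)))


if __name__ == "__main__":
    town = ["grocer", "bank", "office", "home", "video-rental"]
    print(compare_blast_radius(town, "video-rental"))  # (5, 1)
```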