パスワードの安全性を高める

始める
CTA icon
Masked passwords don't work

"Masked" Passwords Don't Work the Way You Think

March 4, 20223 min read

Password Management

"Does TeamPassword mask passwords so that users can't see the password itself?" 

We get this question a lot. And the short answer is: No, we don't. 

And here's why: it doesn't work. At least not the way you think.

Other password managers advertise password masking as a feature; some even charge more for it. Their pitch is that by masking the password, users can use a password but won't be able to see what the password actually is, and therefore the password and the login are protected from unauthorized use. The truth of the matter lies somewhere in between. 

What does masking passwords do?

Masking does visually block the password so that users can't immediately see what it is. This is useful to prevent someone from looking over your shoulder and seeing what the password says. But it doesn't stop a user from finding out what that password is.

Why doesn't masking passwords work?

There are simple ways a knowledgeable user, or a user with half-decent web search skills, can uncover a masked password. In some cases, users can copy and paste the masked password into a text file to do the trick. Or, users can run a javascript function. There are many ways to reveal masked passwords, many of which can be found through a simple web search.

So what does this mean? It's simple; masked passwords are no safer than unmasked passwords from users that want to know what they are.

How can you keep passwords safe?

At TeamPassword, we do mask passwords as the default view so that users and non-users can't immediately see the password. That makes sense. But any user can unmask the password and see what it is.

However, TeamPassword doesn't believe in selling a false sense of security. Instead, we think it's better to maintain good password hygiene by resetting passwords regularly. That's the best way to keep your passwords safe.

Don't want a team member to access a login? Don't share it with them. Want to know who has used which login? Check the activity log. Don't want a team member who has left the company to access accounts they had access to? Change the passwords on those accounts after they leave. 

Password management is critical to keep you, your business, employees, and customers safe from cyberattacks, especially if you have a remote workforce.

Masked passwords may make you feel safe, but that false sense of security may make you vulnerable because you are less likely to practice good password hygiene. 

Don't be suckered into paying more for a feature that doesn't work. Check the logs, update your passwords, and be sensible about who has access to what.

Don't know how? Ask us; TeamPassword is happy to help!

facebook social icon
twitter social icon
linkedin social icon
パスワードの安全性を高める

パスワードを生成し、正しく管理させるための最適なソフトウェア

TeamPassword Screenshot
おすすめの記事
Microsoft Windows updating on a laptop

Cybersecurity

June 4, 20235 min read

How to Disable Microsoft Edge Manager in 3 Steps

Keeping track of passwords has gotten out of hand. Edge offers a built-in solution, which might not be ...

Safari browser logo with a No symbol over the top

Cybersecurity

June 1, 20234 min read

How to Disable Safari Password Manager in 4 Steps

Keeping track of passwords has gotten out of hand. Safari's built-in solution might not be right for you. ...

Man making a skeptical gesture while holding laptop with Firefox logo

Cybersecurity

June 1, 20235 min read

How to Disable Firefox Password Manager in 4 Steps

Keeping track of passwords is tough. Firefox offers a built-in solution, which might not be right for you. ...

チームのためのパスワードマネージャー

TeamPassword は、チームのIDとパスワードを保存および共有するための、最も速く、最も簡単で、最も安全な方法です。