Password must be long and random enough,   so it is very convenient to use 'Password Manager' programs for generating and storing  long and random passwords.  However, there are several drawbacks here. 

 

1. As you know, there are 'password-guessing' modules that perform  dictionary  or brute-force attack on any password-based encryption software. Certainly,  if you use  good password for your password storage, it is difficult to guess it.  However, if such accident  happens, the hacker will get access to ALL your other passwords at once. 

 

 2. By design of BestCrypt, a password exists in memory only for a very  short  time -  it is erased from memory just after generation of hash value. As for key storage  programs,  we do not know how it is implemented and we are not responsible for  other software.  When you have your password storage opened,  can you be sure that the generated and stored passwords do not exist in  memory or in the pagefile?  The careful analysis of each utility separately is needed. 

 

3. What about reliability of encryption used for storing the passwords on  the disk? Again, it is necessary to investigate the matter for each  utility. 

 

4. If the program has an opportunity to put a password into the appropriate  software  (BestCrypt or other) automatically, then it is very likely that there is a  possibility to catch the password during the transmission.  If it has not such opportunity, it is very likely that you will use Windows  Clipboard for entering the password  and this is not recommended either, in the context of security.  The best level of security is achieved if you enter the password to the  password edit box directly  from the keyboard and BestCrypt Anti-keylogger is turned ON.


Generally, if you use BestCrypt in conjunction with a Password Manager, the level of security becomes equal to the level of security of the Password Manager program.