How To Use The Ledger Nano as a Password Manager.

in security •  2 months ago

I love my Ledger Nano. It is on me at all times; it works as my second-factor authentication, meaning that it replaces my phone, and even if my computer and phone are compromised I can still feel safe when using it. But today I'll discuss how to use your Ledger Nano as a password manager.

IMG_20180907_112250.jpg

I am uncertain about some of the things, as this has no specific documentation; I am also kind of uncertain that using the same device both as a password manager and a second-factor-authentication is the right thing to do.

Now, this is where the hard part comes in: your Ledger needs to be connected, and you need to select the password out of the list on this small screen and with uncomfortable keys. This means that I recommend using Ledger as a backup password for two or three power services, not for things you need to type daily; especially due to not being able to use it with your phone.

Password are based on your Ledger's seed; meaning that you can recover them when (/if) you lose your ledger with your backup seed. All you need to know is that you need to name your passwords differently.

For example, if you set your password for "gmail" then the ledger will output one specific password and with "GMail" you will get another. This means that you need to let your people (who will recover your accounts) that you used all lowercase (or all uppercase, or something else) and how should they recover with your seed.

How to define passwords: this is actually the hard part. In order to use your Ledger as a password manager you need first to generate a password; you should install the "Password Manager" app, which takes up some space (meaning, you can't have Ethereum, Stellar, Bitcoin, Monero and Password Manager) and you need to type the service name. Now, every time you type the service name, regardless of its position, it will generate the same password. When you click both buttons, the Ledger shall act as a keyboard and send your password to your desktop.

First, you log into your Ledger Live application and install the Password Manager:

Screenshot_20180907_112041.png

You'll be requested to authorized and install it. Then, comes the hard part; open the "Passwords" application inside your ledger.

IMG_20180907_112250.jpg

Select "New Password" and choose your password type ; in order to allow full recovery I suggest clicking "with" on all of them.

IMG_20180907_112336.jpg

Then you'll need to type the service's name:

IMG_20180907_112525.jpg

Now, you go into "type password" and select the service's name:

IMG_20180907_112610.jpg

When you press two buttons, this will repeat itself.

How to use the Ledger. Once you selected your password, you just need to click both the Ledger's buttons to send your password. It's dead simple. The thing is that browsing through the list might be a hassle. If you're like me, and your browser's password manager has thousands of passwords for thousands of websites, then, well, you can't really use this. Why? because browsing and locating your eBay is not that easy; moreover typing these on your phone (even if you copy-paste then from your Ledger to your computer) is not that comfortable.

This means you need to link your Ledger to your phone and use it as a USB device if you want to type your password on your phone. Will it work? Nope.

Risks: first of all, losing your Ledger. If you lose your Ledger, especially if this is your second factor authentication device, you will lose access to your accounts. Of course, recovery is quite easy, but this is a main risk.

The second risk is that services which require you to change passwords often might be confusing. This means that if you had "bank" as the text, and you then needed to replace your password to "bank1" after three months, then if you lose your ledger you will not be able to remember that you did this; and your loved ones who treat your Ledger after you die won't be able to as well.

The third risk is of course that if you lose your ledger and someone guesses your PIN, then can access ALL your services. This is, of course, because your ledger is both your password manager and your second factor authentication device.

Does this mean I will switch to Ledger as my main password service? no. Will I use it as a backup device? Might be.

Authors get paid when people like you upvote their post.
If you enjoyed what you read here, create your account today and start earning FREE STEEM!
Sort Order:  

Interesting, I didn't know the ledger nano can be used in such way.

Posted using Partiko Android

I want to use Ledger Nano as a Password Manager. Your post has impressed me. You have mentioned some risks of using these. Inspite of all these, this is really useful device.

·

thanks. my main concern here is that if I need to replace a password because it was compromised I can't.

·
·

Besides being locked down to a seed-based password, I'm not sure I like the extra wear and tear and exposure of my Nano by using it beyond its intended purpose.

·
·
·

the ledger is, well, supposed to be used daily, not as a cold storage device. That's why I hold only minimal amounts of coins on it and use it as a second factor authentication device.

I have another one that's a cold storage.

its a good device somehow

Congratulations @jonklinger! You have completed the following achievement on the Steem blockchain and have been rewarded with new badge(s) :

Award for the number of posts published

Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last post from @steemitboard:

SteemFest³ - SteemitBoard support the Travel Reimbursement Fund.

Support SteemitBoard's project! Vote for its witness and get one more award!