Generating secure passwords can be a stressful and frustrating experience. There’s a fine balance between picking a password that’s secure and picking one you can remember. But what if you didn’t need to remember your password at all in order to securely log in to every website you visit?
That’s exactly what a password manager does. Password managers help solve the security vs. ease-of-use problem in an easy way. They install as an add-in to your browser, as an app on your phone, or as a program on your computer, and they take over the job of generating and remembering your passwords for you.
One Password Only
Password managers work by having you create one “master” password for the service, which is the only one you need to remember. Since it’s the only password you need to know, it should be pretty long and secure. In most cases you can also enable two-factor authentication to make your account even more secure. Once you’ve created your account and selected the master password, you can start using your password manager to generate and remember passwords for each site you visit.
Unique Complex Passwords Each Time
The main benefit of a password manager is that it will generate a secure, unique password for each site you visit. You tell the manager the rules you want for the password, such as length, whether or not to include upper- and lower-case characters, numbers, or symbols, etc. From there, the manager will remember the site and the credentials and will pre-fill the login form the next time you visit.
We’ve discussed the benefits of not re-using passwords before, but the main reason is so that if a website gets hacked and your unique to that site password is compromised, you have to worry about changing only the password for that site. You can rest easy knowing that the rest of your accounts are safe. With a software program doing all the hard work, there’s no reason to not have 15, 20, or more character passwords. These passwords are totally random, and there’s very little chance they could be breached just by guessing or brute force.
Password Security Questions & Secure Notes
Many websites ask security questions to confirm your identity or to reset a password. Often these questions are pretty basic; the answer could be found with a web or social media search, allowing someone to easily reset your password and gain access to your account.
Password managers allow you to store secure notes or text, so a good practice is to generate a random 20+ character “password” for each security question and store the question and answer in a secure note about the website. There’s less chance that people will guess your first pet’s name is “Gf^s@MWzE9I!9V2xc39o” than “Rover.”
Keep In Mind
Password managers give you the option of staying logged in on your browser, phone, tablet, or computer. Doing so increases the convenience factor, as you don’t need to type your master password each time, but it also decreases your security—if your device is stolen or compromised, the attacker will have full access to all your account credentials.
Password Managers We Like
We’ve had success with LastPass, 1Password, and KeePass. Visit each website and determine which one fits your workflow best.