If we had to pick one piece of advice to make connected life easier and more secure, it would probably be to use a password manager. This single tool eliminates the hassle of creating, remembering and entering passwords and increases your account security in the process.
Remember, password-hunting hackers are usually after personal information that can be financially exploited or sold on the dark web, so good password hygiene is truly a first-line defense against ID theft. If you’re not using a password manager yet, here’s everything you need to know to get started.
How Do Password Managers Work?
A password manager is a tool that stores all of your usernames and passwords in one encrypted database. Think of it as a digital lockbox for all of your online accounts. Instead of a key, you access it using a master password. Once you’re set up, the password manager autofills your login information for the websites and apps you visit. You only need to remember one password (your master password) and you only need to enter it once per session or per device (more often if you self-impose strict security settings).
Benefits of Using A Password Manager
- Increased password strength: Since you don’t need to worry about remembering every detail, password managers empower you to create truly unique and complex passwords for all of your accounts.
- Easy mobile logins: How annoying is it to enter those complicated, character-filled passwords on your phone? Instead, download the password manager app on all of your devices, and the autofill feature will enable easier logins across the board.
- Secure password sharing: Password managers let you share log-in information without sending it over in plain text. This helps ensure that the account holder always maintains primary control. You can grant and withdraw access to specific accounts without the need to share or change the password itself.
- Encrypt other personal information: Beyond passwords, you probably send a lot of personal and financial information over the web. Depending on the service you’re using and the type of account you have, you can also use the password manager to store credit card information and other common form data.
- It’s better than alternatives: Sign in with Google. Sign in with Facebook. Do you want Chrome to remember this password? Answering “yes” to questions like these could help streamline the log-in process, but it does have drawbacks. One, you don’t always know how much of your personal information that social networks share with the third-party account. Two, if you ever want to de-couple your account from Facebook or Google, you’ll probably run into some problems. Three, it’s not as secure as the encryption of a password manager. Also, social and browser shortcuts don’t boast all of the convenience features, such as syncing up across devices.
Are Password Managers Safe?
Any security pro will be quick to remind you: Nothing that’s connected to the internet is 100% hack-proof. While there is some degree of inherent risk in using a password manager, it’s certainly less risky than lousy password practices. Even the third-party group Industry Security Evaluators (ISE), which published a technical study on specific vulnerabilities of leading password tools, still hails them as “an important and increasingly necessary part of our lives.”
Password Management Tips
Using a password manager is convenient, but it doesn’t completely let you off the hook in terms of cybersecurity. Follow these steps to optimize the safety and utility of whichever password manager you decide to use.
- Sign into the password manager on all of your devices. If you’re only using a password manager on one of your devices, you’ll miss out on functionality. This usually entails signing in via web browser on a desktop and downloading an app on your mobile devices.
- Use two-factor authentication (2FA). This is a security measure that you should be using for all of your important accounts. It adds an additional layer of protection on top of your master password, to confirm that it’s in fact you attempting to login. There are different 2FA protocols, but they typically involve texting or emailing you a unique confirmation code to enter after you enter the correct password.
- Use a strong master password. This code is obviously important, so don’t skimp. Use a long password that utilizes special characters, letters, numbers and capitalization. Don’t reuse a previous password and choose something that can’t be guessed or Googled.
- Enable your password manager’s “Secure Desktop” feature, if it has one. This feature helps block off your system from keyloggers and other invasive software when you enter your master password.
- Keep your devices updated and use reputable antivirus software. Operating system updates often include security updates and patches, so as long as you keep clicking “Remind Me Later”, you’re probably unprotected. Since malware attacks frequently target personal information, including passwords, antivirus efforts are a step in the right direction.
- Practice physical device security. Lock your computer when you’re not using it to prevent tampering from other people. Take mindful anti-theft measures to prevent your device from being stolen, such as keeping them hidden from plain view and always holding onto them when in public. Also, never save passwords (especially your master password) on any shared computer.