With all the password requirements nowadays, complexity requirements, expirations, lockouts, etc., it is nearly impossible for anyone to remember all of their passwords and which one to use on which website without some form of documentation. Many do-it-yourself solutions have arisen, from a notebook you keep in your desk drawer, to a Word document on your Desktop, or even a whiteboard behind your PC. The most secure method though is to use a Password Manager; a third-party app that encrypts and stores all of your passwords for you in one place, keeps it organized and secure. Read on to learn more about the benefits and features of Password Managers.
What is a Password Manager?
A Password Manager is an app that stores your passwords and login info in one central, secure location. Usually encrypted and stored on the cloud, this allows you to access your passwords from multiple devices and sync them seamlessly between them. Many Password Managers also allow you to store other sensitive information, such as bank account numbers, credit cards, addresses, phone numbers, etc. Usually, you have a master password that you can use to access your passwords, but some apps require additional authentication, especially on new devices, such as biometric data (finger print, face scan, etc.) or a secret key. Typically, these apps include a plugin for your browser to auto-fill the stored passwords on websites it recognizes.
Why do I need a Password Manager?
Password Managers can resolve nearly all the potential insecurities surrounding password creation, management and storage. Most Password Managers will let you know if a password you are creating is weak or used on another website. Password Managers can generate secure and random passwords at the drop of a hat. Many will compare your passwords to lists that have been shared on the dark web and let you know if any of them have been compromised.
Password Managers give you the tools to protect your security online. However, a Password Manager isn’t going to change your passwords for you. Spend some time when you first set up your Password Manager to follow its suggestions and update the passwords that have been identified as insecure or compromised, and make sure you store the updated passwords for posterity!
Password Manager Pros and Cons
There are several benefits to a Password Manager and a few potential drawbacks. Here are a few:
- Pro: You don’t have to think up passwords anymore. Password Managers can generate secure passwords for you, automatically enter them into website account creation fields and store the password. Usually, these generated passwords are just a string of random characters, numbers and symbols, making them even more difficult to crack.
- Con: In the unlikely event you lose access to your Password Manager, you won’t be able to get into any of your accounts without resetting your passwords, since you won’t remember any of those complex, auto-generated strings of characters that were created for you.
- Pro: They can save you a lot of time and effort. When visiting a website that requires a login, it’s a lot easier and quicker to just autofill the stored password than it is to find or remember the password, then copy/paste or type it in manually. It saves a ton of headaches!
- Con: When you never have to type in your password, you never are reminded of what it is, and you’ll very likely forget it in short order. As long as you have your Password Manager, this isn’t a problem. But the minute your phone falls off the side of that cruise ship on your Caribbean vacation…
- Pro: Your identity is protected. Since Password Managers make it easy to have a unique password for each login you create, if nefarious actors get into one of your accounts, they won’t be able to use that password to get into anything else.
- BIG Pro: They can help protect you from Phishing Sites and other potential scams. When Password Managers save passwords, they get linked to a specific website URL. Most phishing scams attempt to convince you that you’re visiting a legitimate website although the URL is different. They then con you into entering your username and password, which they then acquire and use to access your legitimate account. Since Password Managers link to URLs, when you visit a phishing site your credentials don’t autofill, thereby giving you an additional clue that the site provided is not legitimate.
- Con: As with anything on the internet these days, Password Managers are only as effective as you make them. No matter how many times your Password Manager tells you your password is not complex enough, or is compromised or stolen, if you don’t do anything about it, the Password Manager can’t help you.
Tips to Effectively Using a Password Manager
Now that you’ve found a Password Manager that you like and have signed up, it’s time to start getting it set up. Here are some tips to get started:
- Make sure you install the plugin for your browser that comes with your Password Manager before you do anything else. If you use multiple browsers, install the plugin on each.
- Start visiting websites and entering passwords. When you see the prompt to save the password in the Password Manager, make sure to hit it.
- If you’ve been saving passwords in your browser already, you can open up that list of passwords from the browser settings to review and make sure you’ve gotten them all into your Password Manager.
- Don’t forget to disable password saving in the browser itself. Otherwise, you may end up hitting the wrong “save password” button and not save them all in the right place.
- Set up all your devices to connect to the Password Manager in the beginning. Print out and store your secret key or whatever added authentication your app needs to set up new devices somewhere secure (i.e, lockbox, safe, safety deposit box, etc.).
- If you’re going to write down your master password, make sure to keep it separately from your devices, and do not label it “master password for Password Manager” or something similar. At least make it hard to recognize its purpose in case someone else finds it.
- Need some help setting up and getting your users going with your chosen password manager app? Contact Vermont Panurgy today to see how we can help!