Either software or a service for managing your ever-growing number of passwords is critical for your security AND your sanity. There are just too many passwords to keep track of and a stolen password will ruin your day. You can avoid these pitfalls with a password manager, and it may not cost you anything.
Why You Need a Password Manager
It is very dangerous to use the same password for all your Internet accounts. If you do use the same one, you can assume that your password will be stolen at some point and published on the Dark Web. For example, if you use the password “Fluffydog420” for your mobile phone, email, electric/water utility, streaming services, and online shopping accounts, and you get phished, then your password will be sold on the Dark Web, and criminals will be able to access those Internet accounts.
The reason many people use the same password for all their Internet accounts is to make things easy by only having to remember a single password. But their lives become extremely difficult when that password gets stolen, and they must reset their password on all those website accounts.
A password manager will allow you use a unique password for each Internet account and has the added convenience of auto-filling your login information for you. This really speeds things up when you aren’t typing in usernames and passwords all day long.
Are Password Managers Safe?
The short answer is, yes. Behind the scenes, a password manager stores your passwords in an unbreakable, encrypted database on your computer. A copy of this encrypted database is stored on the password manager provider’s servers which allows it to be synchronized onto your other devices, such as your mobile phone or notebook or desktop PC.
You access the encrypted password database by a single master password that you create during the initial setup process. So, it’s important to keep this master password safe. If you forget it, you may likely be locked out of your password manager as the password manager company does not keep a record of your master password and cannot reset it. This is a crucial security factor. If your encrypted database is stolen from your computer or the password manager provider’s servers, it is useless to the theft without the master password.
Nearly every IT professional and cybersecurity expert I know uses a password manager because they understand the safety benefits and are confident that their passwords will remain secure.
Next Steps: Getting a Password Manager
- Sign-up for a password manager according to your personal, family or business needs and budget.
- Install the password manager app on your computer and mobile phone. Installation includes adding a plug-in to your web browser (e.g., Chrome or Firefox).
- During the installation process, choose a strong passphrase for your master password. I recommend using the XKCD four-word random passphrase. Follow this link and click the “passphrase” type.
- As you visit websites, save your login credentials in your password manager.
- If you are using the same password for multiple Internet accounts, now is a good time to change them to unique passwords. And you can use the random password generator feature of your password manager.
Summary of Popular Password Managers Features
(as of July 2022)
| Bitwarden | 1Password | LastPass |
|
Free – personal, unlimited devices $10/yr – premium $40/yr – family, up to 6 users $3/mo per user – teams $5/mo per user - enterprise |
No free option $3/mo – personal $5/mo – family, up to 5 users $20/mo – teams, up to 10 users $8/mo – business |
Free – personal, one device only $36/yr – personal (premium) $48/yr - family, up to 6 users $48/hr per user – teams $72/yr per user - business |
| Cloud storage in Azure or self-hosting | Cloud Storage | Cloud Storage |
| No trial; free personal edition | 14-day free trial | 30-day free trial for Premium |