Password mangers are software tools used to store and manage your passwords and other secure credentials. These tools are often utilized in the form of browser add-ons and mobile apps but can come in other forms like full desktop applications. Most of these apps are free or have low cost paid tiers for more features.
These tools come in all sorts of varieties and from all sorts of companies, but nearly all of them store your username and password for a website and all you to generate a random password when creating an account. Some come with other features to store addresses, payment, information, and other common auto-fill information, but for the purpose of this guide, we are focusing on the password and security side of things.
Tip: Browser Add-Ons are tools downloaded directly into your computer’s internet browser (Like Google Chrome or Microsoft Edge) and are accessible via small icons near the address bar of the browsers. Mobile apps are the applications that you download from the Google Play or iOS App Store that allow the use of your passwords on your phone.
Why are Password Mangers Useful?
When it comes to the online security world, password creation and storage is a hot topic issue and there are many viewpoints on many sides that can cause a lot of confusion. However, nearly all security specialists agree on a few things. First, the worst password habit is reusing the same password on multiple websites. Second, the next worse habit is using weak and easy to guess to passwords. We will go into detail about why those are bad at the end of this guide for the curious, but they are terribly bad habits to have and will end up coming around to bite you in the long run.
Thankfully, password managers are great at fixing both habits. Nearly all password managers include a password generator, which is a simple tool to generate a password such as “zgPbsjwy^z9He!o$Jo7c” without you needing to memorize a thing! This allows you to not only use a custom password per website, but it also lets you create long and complex passwords without any memory issues.
Yes, there are many password techniques you can learn to create complex and unique passwords, but for many people these are just as hard to remember as the password itself.
On top of the bonus of having strong passwords, the managers also allow you to store all your accounts and passwords in one place. Which is fantastic as we all know of accounts we can no longer access or a website that we think an account exists for but have no idea the username. There are some concerns about having all your accounts in one place, but we will address that in the next section.
How Can I Make Password Mangers Even Better?
The main concern with password managers is collecting all your passwords in one place. However, one of the newer security tools available to users is Two-Factor Authentication and it is simply amazing. Two-Factor Authentication (or 2FA for short) is the concept of using a secondary device (generally your smart phone) to approve a new login to your accounts. You have an entire guide on them and highly encourage using 2FA on all your important accounts.
Grouping 2FA with a secure password manager means a person would need to figure out the account you use on the website, then break into the password manager to get your unique password for that site, and then use your phone to allow the login to the account. As you can see, this is not a very plausible process for someone who does not even know who you are. Granted, no website is “hack-proof” and just like any locksmith, security company, or cyber security professional will tell you, no security system is perfect or foolproof. Therefore, we highly recommend reading our Once Online, Always Online guide for safe use of the internet.
What Should I Look for in a Password Manger?
1Password, Bitwarden, Dashlane, Keeper, LastPass, RoboForm, and so many more password mangers exist and all of them are quite good. It is simply too hard for us to keep up with this market and to track what software has what feature and if that feature costs money or not.
First, we recommend looking for security of your account above all but that can be an extremely hard task for most. This is one reason we generally do not recommend the password manger built into your browser as it is often cumbersome to secure those accounts on devices and control the use of your passwords by other local users. Make sure you can lock out the add-on by your preferences (like every time you close a browser or by X amount of time) while also being able to keep the app unlocked for ease of use on your personal computer that you do not let others access. Being an opensource software is always a plus for security and is why I personally recommend BitWarden to others as it is currently the best opensource password manager at the time of writing this.
Second would be ensuring the features you need are included for free or that you are willing to pay the price for them. Make sure the software can be used on all your devices (Windows, Mac, Android, iOS, etc.) so that you will use it. Also make sure the software includes a password generator for creating passwords so you can benefit from custom passwords. Ensure the software can use 2FA as it is unbelievably recommended to provide an additional level of security, remember, this will likely end up storing your banking and shopping account information. Lastly, find one that allows you to store notes with the account as this can be helpful for troublesome account problems like the one that mandated you provide a security answer for “what was your favorite butterflies name during third grade” or even for storing backup codes and such.
Third is an underrated feature that you likely will not even know about until you have an account. That feature is the ability to export your accounts and passwords to a different software. You never know what company will go under or who will sell out for terrible security, so being able to simply pickup and leave is a great and often forgotten feature to keep an eye out for. You can try searching “how to export passwords from ABC Manager” to find out the process before signing up, but since most password managers have a free tier, you can simply try it out after signing up.
Also do not be afraid to go with the manager that is linked into your other services. It is becoming common for anti-viruses and other security-based software to partner with a password manager and save you a few dollars. As we stated at the beginning of all this, most password managers are good services.
Creative Ideas for Password Mangers
So, password managers seem to be a solid security tool in the modern-day digital world. However, they also offer creative ideas to work around common problems faced in the modern age. Family sharing is often a feature of these managers (although nearly also a paid feature), but for a few dollars a month you can no longer have to constantly text your Netflix password to your kids or login to the family Amazon account for your significant other as they will all be able to share those accounts.
These tools are also great for small (or large) businesses who have shared accounts and such. Storing these accounts on post-it notes and such is an awful idea, so why not upgrade to a shared business account and give your company’s security a huge boost.
Also, to end this on a tip, do not forget that these tools allow you to copy and paste your account information. These is a great solution for logging into applications that simply do not work with password mangers (like Steam’s desktop app for gamers). Plus, they also allow users to see the password as plain text, which may not sound useful until you need to login on a company computer or perhaps a smart TV and simply typing the password is your only choice. Yes, these tools can save the passwords to your work accounts and even offline software as their apps allow you to search for the account and bring up the username and password, e.g., for that combination lock code to get into your old tool shed or your home camera system.
Bonus: Why Reusing Passwords is a Terrible Security Risk
Earlier we addressed that using weak passwords and/or reusing passwords are universally considered poor security. Weak passwords are straight forward as they are easier for programs and bots to guess. Reusing passwords has become a problem as sites are often “hacked” or otherwise have their security comprised and even the massive tech giants have been found to store passwords incorrectly and accessible to bad people.
Once a password is exposed, it is often exposed with the email or username associated with it. This means, that using a password on Site A that ends up getting comprised means those same people can load that username and password combo into a program to go after Site B. In short, you are potentially allowing access to your Amazon and Bank accounts by using that same password of some gaming website that has sat without a security update for the past ten years and is now compromised.
Check Out The Forum Topic For This Guide Below