Just like having a different key for your house, your office and your car, you should have a different password for each of your accounts. If you use one password for all accounts and it is compromised, then all of your accounts are compromised.
How do you remember all of your passwords? Use a password manager.
Identify your most important accounts and give them the strongest security. The obvious ones are your bank and credit card accounts, but do not forget about the accounts that are used to access other accounts. For example, your email address is usually used as your username. Even when it isn't, that is where the "I forgot my password" resets and other notices are sent.
Be sure to keep your email account secure.
Use the additional layer of Multi-Factor Authentication as much as possible.
Do not reuse passwords. You should have a different password for all accounts. In order to keep track, you should have some kind of password manager.
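To see why reuse and the email reset path matter together, the following added example (not part of the original page) computes which accounts are exposed when one password leaks. The account names, passwords and the "reset_to" field are constructed for illustration; it assumes an account is exposed if it shares a password with an exposed account or if its reset emails go to an exposed mailbox.

```python
from collections import defaultdict, deque

# Constructed inventory (not real accounts). "reset_to" is the mailbox that
# receives the account's "I forgot my password" emails.
ACCOUNTS = {
    "mail@example.com":        {"password": "Vq7#long-unique-1", "reset_to": "old-webmail@example.net"},
    "old-webmail@example.net": {"password": "Summer2019",        "reset_to": None},
    "bank":                    {"password": "x9!Lq-unique-2",    "reset_to": "mail@example.com"},
    "forum":                   {"password": "Summer2019",        "reset_to": "mail@example.com"},
    "shop":                    {"password": "Summer2019",        "reset_to": "mail@example.com"},
}


def reused_groups(accounts):
    """Return sorted lists of account names that share one password."""
    by_password = defaultdict(list)
    for name, info in accounts.items():
        by_password[info["password"]].append(name)
    return sorted(sorted(group) for group in by_password.values() if len(group) > 1)


def blast_radius(accounts, leaked):
    """Return the set of accounts exposed if the password of `leaked` is known.

    An account is exposed when it shares a password with an exposed account,
    or when its reset mailbox is itself an exposed account.
    """
    exposed, queue = {leaked}, deque([leaked])
    while queue:
        current = queue.popleft()
        for name, info in accounts.items():
            if name in exposed:
                continue
            same_password = info["password"] == accounts[current]["password"]
            resets_here = info["reset_to"] == current
            if same_password or resets_here:
                exposed.add(name)
                queue.append(name)
    return exposed


if __name__ == "__main__":
    print("reused:", reused_groups(ACCOUNTS))
    for name in ACCOUNTS:
        print(f"{name}: leak exposes {sorted(blast_radius(ACCOUNTS, name))}")
```

In this sample the bank has a unique password, yet a leak of the forum password still reaches it through the old webmail account that shares that password and receives the main mailbox's resets.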
A password manager is an app that stores all of your passwords in an encrypted format. This means that you only need to remember one password to access all of your other passwords. Think of it as having a key lock box to store all of your keys. Most password managers also have a generator to help you come up with and keep track of strong passwords.
When choosing a password manager, be sure to select one that has an app for all of your devices and a plug-in for all the browsers you use. You are more likely to use strong passwords if you do not have to type them in everywhere. A good password manager setup will fill in the password wherever you need it and reduce typing passwords to a minimum.
Note that, as with all cloud storage services, you are trusting your data to a third party. If you are not willing to take that risk, you should select a local-file-only manager that does not sync to a cloud database. Look for zero knowledge, end-to-end encryption, which means that the vault cannot be decrypted without your master password and that the company does not have access to it.
Check out Cybernews' comprehensive review of password managers:
https://cybernews.com/best-password-managers/
Dashlane and 1Password are both highly rated cloud-based password managers. They have very similar features. Like any other choice between similar products, it comes down to preference and how it meets your needs. Be sure to check the integration with your smartphone and other commonly used devices. The main reason for a cloud service, aside from automatic backup, is to synchronize your passwords, so you need to ensure that the one you choose works on all of your platforms.
Check out this link for more on these two leading password managers.
Bitwarden offers all of the basics needed in a password manager, including availability on multiple devices as well as plugins for most browsers. The free version is fully functional, and the premium version is very reasonable.
KeePass is a free open-source application that encrypts a file to store your passwords. There are versions for other operating systems, like MiniKeePass for iPhone and KeePassX for Mac, and they all support the same file types and encryption. KeePass has many features, but all of the variants having similar names can be confusing.
The KeePass model is a local-file-based password manager. This is far more secure than the counterparts that sync across devices, but much less convenient. This is recommended for more advanced users.
Tip: When starting off, go with the 2.x version of the database.
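Because the variants share file types, it helps to confirm which database format a file actually uses. The following added example (not from the original page or the KeePass project) reads the 12-byte file header and reports whether it is a 1.x (.kdb) or 2.x (.kdbx) database; the sample headers are constructed and the function names are hypothetical.

```python
import struct

# Header signatures used by KeePass database files (little-endian uint32s).
SIG1 = 0x9AA2D903            # first signature, shared by 1.x and 2.x
SIG2_KDB_1X = 0xB54BFB65     # second signature of a 1.x .kdb file
SIG2_KDBX_PRE = 0xB54BFB66   # 2.x pre-release files
SIG2_KDBX = 0xB54BFB67       # 2.x .kdbx files

# Constructed sample headers (signatures plus a version or flags word only).
SAMPLE_KDBX4 = struct.pack("<III", SIG1, SIG2_KDBX, 0x00040000)
SAMPLE_KDBX31 = struct.pack("<III", SIG1, SIG2_KDBX, 0x00030001)
SAMPLE_KDB1 = struct.pack("<III", SIG1, SIG2_KDB_1X, 0x00000003)
SAMPLE_OTHER = b"PK\x03\x04" + b"\x00" * 8   # a ZIP header, not KeePass


def identify_keepass_db(header: bytes) -> str:
    """Classify a database from the first 12 bytes of the file."""
    if len(header) < 12:
        return "not a KeePass database (header too short)"
    sig1, sig2, word3 = struct.unpack("<III", header[:12])
    if sig1 != SIG1:
        return "not a KeePass database"
    if sig2 == SIG2_KDB_1X:
        # In 1.x the third word holds flags, so no version is reported here.
        return "KeePass 1.x database (.kdb)"
    if sig2 in (SIG2_KDBX, SIG2_KDBX_PRE):
        # In 2.x the third word is the format version: major in the high
        # 16 bits, minor in the low 16 bits.
        major, minor = word3 >> 16, word3 & 0xFFFF
        label = "pre-release " if sig2 == SIG2_KDBX_PRE else ""
        return f"KeePass 2.x {label}database (KDBX {major}.{minor})"
    return "KeePass signature with unknown format"


def identify_file(path: str) -> str:
    """Read only the header of `path`; the vault itself is never decrypted."""
    with open(path, "rb") as handle:
        return identify_keepass_db(handle.read(12))


if __name__ == "__main__":
    for sample in (SAMPLE_KDBX4, SAMPLE_KDBX31, SAMPLE_KDB1, SAMPLE_OTHER):
        print(identify_keepass_db(sample))
```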
New as of iOS 18, Apple Passwords is the built-in password manager for Apple products. It is synchronized through iCloud, so you only have to remember your Apple ID password or at least have access to your iPhone or iPad to unlock it. Passwords sync through Keychain and are available on Windows with iCloud for Windows. The Passwords app can also be used for MFA and passcodes.
Similarly, Google can sync your passwords across your Android devices and Chrome, including Chromebooks, using your Gmail account.
Tip: Unless you are "all in" with either Apple or Google, these methods have their drawbacks. It is nice that they are built into the phones and do not require an additional account, but there are too many limitations when you start introducing other devices.
Google Chrome, Microsoft Edge and Mozilla Firefox also offer the ability to save your passwords and sync them when you sign into your browser with a free account.
Saving your passwords in the browser is better than nothing, and most browsers let you see the passwords you saved in the settings. When you sync your account, your passwords will be available on your other devices as long as you are using the same browser and signed in with the same account.
Remember, though, if you are saving your passwords in Chrome with your Google Account and it becomes compromised, all of your passwords could be compromised as well.
Yes, keeping your passwords written down in a notebook is still better than having to remember them or using the same password for everything. Just be sure to keep the notebook in a safe place (don't carry it with you!). While not encrypted and susceptible to anyone in proximity to your hiding spot, this method will never be hacked online.
Tip: Use an address book. They are easy to find, usually pretty sturdy, have convenient alphabetical tabs for organizing accounts and would not be an obvious place for passwords should someone be rifling through your desk.