Using A Password Manager
How can I remember all my passwords?
Spoiler alert: The answer is to avoid trying in the first place.
Using a password manager helps you to easily use and remember a unique password for every one of your online services. Examples of password manager software include 1Password, LastPass and DashLane. Many of these tools sync your passwords between your devices, so they are always at your fingertips, in addition to automatically and securely filling out website login pages.
Password Best Practice
Every one of us, individuals and businesses alike, carry the weight of hundreds of online accounts. Some of them we use all the time – think Online Banking, Facebook, Amazon. Others we might have forgotten we ever set up, perhaps an old supplier’s website, or an online service which you never used again.
As impossible as it seems, we are advised to use unique passwords for every single one of our online services. The logic is illustrated by the following example:
- I think my online bank is unlikely to be hacked because it must surely have all the very best security experts protecting it
- My online banking password is pretty secure because I use numbers, letters and special characters in it
- I can’t remember lots of different passwords, so I’ll just use my nice, secure online banking password whenever I am asked to sign up to another online service, for example the local council website
- Oh dear – I just heard my local council’s system was hacked and my password was accidentally revealed in a data breach
- Oh dear – somebody now has access to my online bank, and every other account where I used the same password
So it’s easy to understand why unique passwords are vital to cyber security. But how on earth do you think of them, let alone remember them?
Using A Password Manager
A password manager serves several functions:
- Generating and remembering a complex, random password when you sign up to new online services
- Recalling and auto-filling those same passwords when logging in, for convenience and also for security (since you don’t need to even look at or otherwise reveal the password when you enter it)
- Generating one-time passcodes when 2-Factor Authentication is being used
- Warning you when a password has been revealed in a known data breach
- Warning you when a duplicate password has been used elsewhere for one of your other accounts
In its simplest form, a password manager will help you to generate really complex passwords, and will help you to remember them when you revisit that website.
How It Works
Let’s say you have installed a password manager on your Mac or PC.
You log into Amazon. The password manager will notice this and say “Ah ha – you’ve just logged into Amazon!” – it will offer to remember that password for next time. If you revisit Amazon in future, your password manager will fill in the username and password on your behalf. This means you don’t need to remember it, or manually type it in ever again.
If you log into Amazon using your smartphone tomorrow, and you have the same app installed on there, likewise it will offer to fill in that saved password for you.
Over time, you will therefore build up a very detailed database in your password manager, listing all your online services and corresponding passwords. It will then help and encourage you to make every password for every service more complex and completely unique. Since you’re no longer having to remember or type the passwords in, you can make every password totally random and very long indeed. This makes it impossible for anyone to log into your account. Even if they can make an educated guess based on who you are, your likes and dislikes and therefore what your password might be.
Is It Secure?
You might wonder if it’s a good idea to put all your password eggs in one basket.
All password managers store the database of passwords in an encrypted file. It is impossible to decrypt the file without the master password. So, you only ever have to remember the 1 master password. This gains access to your cache of other passwords, which may run into the hundreds or thousands.
Since you only have to remember 1 password, this can be suitably complex and unique, stored exclusively in your brain. You could perhaps have a backup copy in a safe or stored with a trusted family member or colleague.
Can Businesses Use A Password Manager?
Yes. It’s not usually a problem if you run a business and need to share passwords for online services between members of staff in a secure manner. Most password manager solutions will provide a ‘team’ or ‘sharing’ solution where this is made possible. Often you can group staff members together in tiers, allowing only more senior staff access to the more sensitive passwords.
If you want to learn more about using a password manager in your business, or at home among your family, get in touch.