Manage Passwords – Safely and Securely
Managing your passwords is the first step to staying safe online
Passwords have become a huge part of daily life and keeping track of them can be daunting. Your passwords are one of the core parts of online security. To protect yourself, it’s important to have a different password for every site and service you use. That way, if one is compromised, hackers only gain access to one account instead of several.
Having your password stolen isn’t a reflection on you as a person. In a world where huge companies like Facebook, Target, and Equifax have had data breaches, there’s a good chance that a stolen password isn’t even your fault. But the very fact that these thefts are out of your hands is why you need to vary your passwords.
But how can anyone keep track of them all? In a world where the average internet user has 100 passwords, managing all of those different logins can go from unlikely to impossible. That’s where good a password manager comes in handy. Password managers store passwords to all of your online accounts in one place and will automatically fill them in when you go to log in.
Are password managers safe?
Some people have safety concerns about password managers. It’s an understandable fear. Using a password manager can feel a little bit like putting all of your eggs in one big, digital basket. But using a password manager is very safe – as long as you keep the password to your password manager secure. That’s the key to the kingdom, so make sure it’s strong and don’t share it.
The good news is that with only one password to remember, keeping it safe should be easy. And considering that the alternative most people use is “reuse one or two passwords on dozens of sites,” password managers are worlds more secure.
Bonus security benefits
Even if you have an incredible memory, there’s an added benefit to many password managers that can keep you even safer online.
Suppose that you accidentally wind up on a fake, look-alike website. Maybe you clicked a bad link, or maybe you just mistyped a URL, and now you’re on a fake page that looks like your bank’s website but isn’t.
The website may look like a perfect duplicate, but your password management software will generally not be fooled. If the domain doesn’t match the domain of your actual service, your password manager won’t serve up your credentials. If you know that you have a password saved for a site, and your password manager isn’t responding, that might be a red flag that you’re on a fake site. You can learn more about which password managers offer these protections in our own study.
Using your browser's password manager
There are plenty of companies that offer password managers for a price, or for a regular subscription fee. However, most popular web browsers will also offer to save your passwords for you, and many even offer a password generator. Google Chrome, Apple Safari, Microsoft Edge, and Mozilla Firefox all offer this service, and there are quite a few benefits to taking advantage of it. Built-in password managers are free. They don’t require any additional downloads or effort. And as long as you stay logged in to your favorite browser, your credentials can follow you from device to device. For example, if you save a password in Chrome on your laptop, that password will also fill automatically in Chrome on your phone.
If you frequently switch between browsers, some of the convenience is diminished. But browsers offer another benefit that not all third-party password managers have: Most of them will warn you if a password you use was included in a data breach and prompt you to change it.
Using two-factor authentication (2FA) to improve your online security
Whether you use a password manager or not, multi-factor authentication (MFA) or two-factor authentication (2FA) can help protect your data online.
You may already be using this kind of security for some of your important online accounts. With two-factor authentication, you’ll enter your password, and then a one-time only code is generated and sent to you. This may come as a text message or an email. You’ll have a limited time to enter the code to log in, and once you’ve used it, it can’t be used again.
The benefit here is that even if your password is leaked or stolen, you have an extra layer of protection. Unless the person who stole your password also stole your phone, they’re going to have a hard time logging in to your accounts.
Using 2FA takes a few extra seconds, but it’s an important step in keeping yourself secure online. And with the time your password manager saves you, it probably all evens out in the end. If a site offers 2FA/MFA, take them up on it.
Paper – the simple way to keep your passwords safe
Of course, you do have one more option when it comes to protecting your passwords: simply writing them down. A notebook may seem old-fashioned, but it can’t be hacked.
There are plenty of people out there who hesitate to trust a password manager. In fact, 65% of people said that they don’t, in a 2020 survey. And while it’s understandable that people may not want to put all their passwords in one place, you still need some kind of solution for managing your login credentials. Using the same password everywhere is a far bigger security risk than trusting a password manager with your information. If you absolutely don’t want to use a password manager, write your passwords down and keep them hidden somewhere. They odds of being hacked are way higher than the odds of someone breaking into your home and rummaging around your sock drawer for your login credentials.
With people 55 and older in particular reporting that they feared password managers being hacked, pen and paper is a great way to keep senior citizens safe online.
However you manage them, multiple passwords are best
Password managers are a great way to keep track of the dozens of logins that modern life demands. They protect you from falling back on password reuse, and some of them even provide an added layer of security by warning you of potential fraudulent sites.
But no matter how you choose to add security to your logins—whether through password managers, 2FA/MFA, or simply writing your login info down on a piece of paper, the most important choice you can make is not to reuse your passwords on multiple sites.