Selecting and Using a Password Manager

In my blog Protecting Your Information Online, I recommend using unique usernames and passwords for every account you create. For most of us this creates a unique problem in trying to remember all those usernames and passwords. For most of our accounts, our email is our username, but that still leaves the passwords.

Password managers offer a multitude of benefits. They generate strong, unique passwords for each account, reducing the risk of identity theft and account takeovers. By storing all passwords in a secure vault, they eliminate the need to remember multiple login details, streamlining the authentication process. Additionally, many password managers can fill in personal information on web forms, saving time during account creation or online purchases. Password managers can be used across multiple devices, so you have your passwords on your phone, computer, or tablet. They also alert users to potential security breaches, promoting better password hygiene and overall digital safety.

Here are some factors to consider when selecting a password manager:

Multi-Factor Authentication (MFA) – Look for a password manager that supports MFA. MFA adds an extra layer of security by requiring more than just your username and password for authentication. It might involve a PIN sent via text message or an authentication app.

Password Storage Location – Decide whether you prefer a cloud-based or desktop-based solution. Cloud-based options offer convenience and accessibility, while local storage might be preferred.

Recovery of the Master Password – Although password managers eliminate the need to remember multiple passwords, you still need to recall the master password. Choose a manager that provides a way to recover your master password if forgotten, such as a special key or emergency contact.

Free or Paid – Evaluate the features versus the cost of the password manager. A free version might suffice if you only have a few accounts and do not require storing other personal information. Features such as data encryption and access across multiple devices and security such as multifactor authentication, may only be available in subscription-based password managers.

Additional Features – Explore secondary features like automated device sync, multi-factor authentication, autofill, and multi-platform support. Consider your specific needs when evaluating these features.

User Experience – Opt for a password manager with an intuitive interface. It should generate unique passwords for each account and make it easy to manage your credentials.

Among the most popular password managers, 1Password stands out for its user-friendly interface and robust security features, making it an excellent choice for new users. Bitwarden, praised for its free version, offers a solid range of features without cost, appealing to those seeking a balance between functionality and budget. Dashlane, although on the pricier side, provides a polished experience with premium features.

For those who prioritize financial features and multi-device compatibility, LastPass has been recognized as a strong contender, despite some concerns over its security in the past. Meanwhile, NordPass is noted for its overall performance, making it a top pick for many users.

You will also notice that password manager features are now being integrated into web browsers such as Google Chrome, Microsoft Edge, and Mozilla Firefox. They are designed to store, generate, and autofill your passwords across various websites. Choosing between a browser-based password manager and a third-party service depends on your individual needs and security requirements. If you have a limited number of accounts, the convenience and cost-effectiveness of a browser’s built-in manager might suffice. However, if you have multiple accounts and accounts that you would consider sensitive such as healthcare and financial accounts, investing in a dedicated password manager could provide the enhanced security and features necessary for peace of mind.

When you do decide on a password manager and begin to setup the system, to store, manage and create new passwords for your existing and new accounts, be sure to follow these best practices:

Create Strong and Unique Passwords – A strong password is your first line of defense against unauthorized access. Use a mix of upper- and lower-case letters, numbers, and symbols to create complex passwords. Avoid using easily guessable information such as birthdays or pet names. The auto create feature of most password managers will take care of this for you.

Employ Multi-Factor Authentication – Whenever possible, enable multi-factor authentication (MFA) for an added layer of security. This typically involves a combination of something you know (a password), something you have (a mobile device), and something you are (biometric verification).

Regularly Update Your Passwords – While it’s important not to change passwords too frequently, as it can lead to weaker choices, regular updates are necessary especially if there’s a suspicion of a data breach. Try to change annually and you may want to consider quarterly or every 6 months for sensitive accounts.

Never Reuse Passwords – Each account should have a unique password. Reusing passwords across multiple sites increases the risk that if one account is compromised, others will follow. Most password managers will warn you if you are reusing a password or using it for multiple accounts.

Store Passwords Securely – Ensure that your password manager uses strong encryption to protect your passwords at rest and in transit. This prevents them from being easily deciphered if intercepted.

Monitor Password Strength – Use the password manager’s built-in tools to monitor the strength of your passwords and update any that are weak or compromised.

Selecting and using the password manager that meets your needs will create a more secure and streamlined experience as you use online applications and services.

For more information, please visit the following websites:

Protecting Your Information Online