You Need a Password Manager

Using a password manager is one of the top safety tips security experts recommend, and it's much easier to set up than you realize. Most people have a small group of passwords they try to remember and reuse on different websites and services. The issue with this approach is if your password is compromised on one website or service and you've used it with several other sites, those sites are also potentially compromised.

What is a password manager?

A password manager is an application or service that helps you create longer, more secure, unique passwords for each site or service you use. Many password managers have browser extensions that can autofill your username and password directly into your website; some even have Windows or Mac applications that you can install for offline use. In a nutshell, a password manager is a secure, encrypted vault that stores all your credentials.

What's required from you?  Just remembering your one master password to access your vault.  Seriously, don't forget it.

"If you're having login problems I feel bad for you, son.  I've got 99 passwords and remember only 1." ~Jay-Z

Step 1: Pick a Password Manager

Beyond choosing a secure master password, this step is essential. You'll want to do your research to see which password manager fits your needs. Several options are available, and each has a different set of features. We recommend looking into 1Password and Bitwarden as these services offer a wide range of features and affordable pricing plans for individuals and families.

Step 2: Pick a Strong and Memorable Master Password

During the signup process for your new password manager, you'll be asked to choose a strong password or, better yet, a passphrase. Don't overlook this step. This password will protect all of the other passwords in your new vault, and you'll want to make sure this password meets a few key points:

  1. Pick a master password that is unique to only your new password manager.  Don't reuse an old password, and don't just add an extra character to the end of a previous password.
  2. Consider using a passphrase instead of a password.  A passphrase is typically four to eight memorable words and is much longer than a typical password.
  3. Use a mix of upper and lower case letters, numbers, and special characters.

Step 3: Install Extensions and Mobile Apps

1Password and Bitwarden offer browser extensions for most web browsers that can help you quickly insert your credentials directly into a website's username and password fields. Both services also offer mobile applications for iOS and Android that can help you easily log into sites and services on your mobile phone.

Step 4: Take Inventory

One of the most convenient features of 1Password and Bitwarden is the available browser extension. Once you have signed up for one of the services, set up your master password, and installed the browser extension, your next step is to start logging into your websites and services. When logging into a new website, you'll notice that your browser extension will prompt you to save the site to your new lockbox. Go ahead and start saving all your frequently used sites and services into your new password manager so you have a good inventory of all the sites you use.

Step 5: Start Changing Your Passwords

Now that you have an inventory of all the websites and services you log into, you'll want to take the time to review each and update your password. This part can be tedious and time-consuming, but don't skip it. Having insecure passwords stored in a password manager is no better than memorizing them. Your goal is to have a unique, strong password for every website and service you use.

Start at the top of your list and work through each service. Most websites will have the option to change your password under the settings or profile option. 1Password and Bitwarden are great tools to help you generate a new secure password. Once you generate your new password, save the change on the website and update the password in your new password manager.

Step 6: Forget Your Passwords (not your Master Password)

Now that you have all new secure passwords stored in your password manager, you don't need to worry about what password you use on each website. Just remember your one master password and let your password manager fill in the usernames and passwords.

Take your time with this process. Many people use hundreds of websites and services; getting all of those into your new password manager will take some time. Add new sites and services as you visit them; don't get overwhelmed trying to take on every password at once. Consider starting with your more important accounts like banking and financial systems, social media accounts, and healthcare services. Once you have your most critical accounts secure, work through the others as you have time.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.