Passwords have always been a part of life on the internet. In the early days of the internet, there were so few websites that we could keep track of our passwords with pen and paper. Those were the good ol’ days…
But today, we have a password problem. With nearly a billion websites, many of them requiring some sort of user account, keeping track of website passwords quickly turns out to be not only a royal pain but also a major personal and professional security risk. Lousy password management can be a security accident just waiting to happen.
Passwords are often the ONLY thing standing between a hacker and your accounts.
I’ll give you a recent example that happened to me a couple of months ago. I was at the car dealership to buy a new car. To settle the paperwork, I followed the finance manager into one of the back offices. The finance manager pulled out an address book filled with company passwords. To my horror, there were hundreds of passwords written out on paper.
Right when I thought it couldn’t get worse, the finance manager went off to consult with a sales manager and LEFT the address book in front of me, a complete stranger. This type of situation is a hacker’s daydream.
Anyone could have taken the book of passwords and walked right out of the dealership. This book of passwords could easily compromise the financial information of every single employee and customer of that dealership – and possibly even beyond. It would be a nightmare for the dealership and its customers if one were to lose that book.
The pen and paper method is not the safest method of storing passwords. Period.
There is a better way.
Use a password manager and kiss those sticky-notes & address books goodbye!
Beginner’s Guide to Password Managers
So, what exactly is a password manager? They are nifty, easy-to-use programs that serve primarily to save all your usernames and passwords in one central, secure location.
They make it easy to create long, impenetrable passwords for all of your accounts without needing to write them down anywhere – it is like a secure “vault” for all of your passwords. To use it, all you have to do is remember one master password that unlocks your account.
With the master password, you can access your entire vault and quickly autofill login forms on all your devices.
We recommend you have two separate password managers: one for personal accounts and the other for business accounts.
Password managers for personal accounts
When choosing a password manager, you have plenty of options. During the process, you’ll want to double check each contender’s features to make sure you are getting the best features to fit your needs. We strongly recommend you do NOT purchase a manager that does not have the following critical functionalities:
- Password generator for strength and complexity
- Dual-factor authentication
- Secure password sharing
- Mobile applications for your iOS or Android devices
- A security tool that evaluates all your account passwords and recommends changes to increase your security.
Features aside, no matter which password manager you choose, the important thing is that you get one. It’s an essential modern tool.
Setting up your personal manager
First, don’t be intimated–these tools are incredibly easy to use, and many managers provide step-by-step tutorials to get you started. However, in the interest of saving you some time, here are some quick how-to’s:
Step 1: Install the application on the computer and mobile devices.
This is very straightforward, but if you need to log into websites on the go, then you’ll also want to have your password manager installed on your mobile device. You can find your manager’s application either in the app store or Google play store. It is usually 100% free to add devices, so there’s often no reason to neglect this convenient feature.
Bonus feature: if your mobile device has fingerprint authentication, you can often use this feature with your password manager in lieu of entering your master password.
Step 2: Choose your master password.
Now, it’s time to pick your uncrackable master password. This password will open up your password manager and is the only password you need to remember.
You’ll want to use a random, complex, and long master password. However, it should be easy for you to remember – a tricky thing to accomplish. Here are a couple of tips to help you out:
- Think of a song you like. In this example, we’ll use Twinkle, Twinkle Little Star.
- Write out the first stanza or two: “Twinkle, Twinkle Little Star / How I Wonder What You Are”.
- Take the first letters and write them out without spaces: “TTLSHIWWYA”.
- Mix up the capitals: “ttLshiWwYA”.
- Throw in a couple numbers and symbols: “tt(Lshi!WwY23A”.
- And now you have a hard to crack password.
- PS: Make your own, don’t use tt(Lshi!WwY23A.
Step 3: Setup dual-factor authentication.
Always, always do this. Passwords protect your data, so you’ll want to make sure you use every security tool available for maximum protection against hackers.
Step 4: Start adding in your passwords.
This step will vary depending on what password manager you chose to use. Luckily, the user experience on these tools is very straightforward. Please note, you don’t need to add all of your passwords right away. To get started, we recommend you enter in your most-used passwords.
Step 5: Update bad passwords.
Some managers will show you which accounts have weak or reused passwords. The reason why you might have created weak passwords in the past was because you couldn’t remember them all too well. With a password manager, that is a thing of the past. So, get to it! Update all your bad passwords!
Step 6: Monitor password health.
This feature might not be available on all platforms, but if yours has monitoring, keep an eye on it. With breaches happening so frequently, it’s hard to stay on top of them. A considerable asset of a password manager is that it will alert you if an account gets compromised.
Password Managers for Businesses
Ready to say goodbye to sticky-notes? If you are a business owner thinking about getting a password manager for yourself and employees, your first step is to contact your IT provider or department. They’ll be able to help you find a business plan that will work best for your environment. They are also the ones to install and educate your end-users on how to use it.
If you’re still on the fence, consider the following benefits:
They allow business owners and IT departments seamless central management of users’ digital identities.
Ability to spot bad passwords.
With a password manager, admins can easily identify weak passwords. As a result, they can better enforce strong password policies that will ensure your data is safe.
Terminations are no longer a worry.
In fact, they become a breeze with a password manager. For example, when an employee leaves your company, admins can revoke access and ensure former employees no longer have access to your company’s data.
Obviously, we REALLY like password managers. They are easy to use and do you a whole lot of good in protecting your data. One thing to know is that most password managers use encryption, which means your password vault is very, very secure.
For example, the encryption method employed by Dashlane, an industry-favorite password manager, ensures it would take today’s computers billions of years to crack a single password.
What’s more, Dashlane doesn’t store your master password or encryption keys anywhere.
So if you’re worried about the concept of storing passwords digitally, remember the dealership password book – imagine how many passwords have been scribbled on sticky notes and stuck to monitors. By relying on the strongest encryption standards out there, password managers serve the critical functions of making your online life easier AND safer.