You Really Need a Password Manager.
Here’s How to Get Started
source: cnet.com | image: pixabay.com
Using a password manager is easy, and it’s one of the best ways to stay secure online.
It may seem like more trouble than it’s worth, but you really need to create a unique password for each of your online accounts. Each password should ideally be at least eight characters in length and consist of capital and lowercase letters, numbers and symbols. (Yes, using “password123” for everything isn’t going to cut it.) It may be tempting, but using one easy-to-remember code across all of your accounts can jeopardize your online security — and you definitely don’t want to make yourself an easy target for cybercriminals. In fact, recent research by cybersecurity firm Hive Systems has suggested that a weak password can be cracked instantly by a hacker.
Password managers are vital tools that can help you stay safe online and be more digitally secure by simplifying the process of using strong passwords. And they’re easier to use than you may think. Even so, 4 out of 5 American adults don’t use a password manager, according to a study from Security.org.
Here’s why you need a password manager and how to set one up.
What is a password manager, and why do I need one?
A password manager is an online service that stores your passwords as well as other data like credit card numbers, bank account information and identification documents in a secure, encrypted environment. It takes one of the biggest potential vulnerabilities — weak or recycled passwords — and does the hard work for you.
Bad password habits are dangerous for your digital security. Using weak passwords makes your accounts easy to crack, and reusing passwords leaves you open to credential stuffing attacks that can compromise accounts that share the same password.
But with a password manager, you only have to remember one single master password, and the password manager takes care of the rest — allowing you to create strong, unique passwords for each of your online accounts. If you’re not sure how to create a strong password, or if you don’t want to come up with one on your own, your password manager can create one for you. Many password managers also include a feature that analyzes your current passwords and lets you know which ones are weak or reused and need to be changed.
You can also securely share passwords and sensitive documents with family and friends if you need to. And if you’re shopping online, you can easily fill in your credit card information to make purchases without needing to have your physical credit card on hand.
Your password manager can also help you fight against phishing scams. Even if a phishing attempt tricks you into clicking on a malicious link, it won’t trick the password manager. Your password manager will detect that the URL is different than the site you usually log into — regardless of how similar it may look to the naked eye.
If you’re worried about storing all sorts of sensitive information in one place, you don’t need to be. The top password managers use a zero-knowledge approach to securing your passwords and other information you store with them — meaning that even the password manager itself can’t access your passwords or other data, because everything is encrypted before it leaves your device. And if your password manager can’t access your data, then neither can anyone else.
How to set up a password manager
The first thing you’ll need to do is choose a password manager and set up an account (CNET’s list of top password managers is a great place to start). Some password managers have a free tier that usually includes all the basic features you’d need, but you can expect to pay anywhere from $35 to $60 per year for a premium plan that includes things like access across multiple devices, expanded file storage and family sharing.
As you set up your account, you’ll be asked to create a master password. This is the one password that you have to remember — make sure it’s something you can recall, yet complex enough to make it difficult for others to guess. Also, make sure your master password isn’t one of your existing passwords you’re already using on other sites. Some password managers, like 1Password, offer a printable “emergency kit” that includes information like your username and digital key and where you can write down your master password. Yes, you can write down your password, just make sure to keep the piece of paper locked in a secure location.
We really can’t stress this part enough: Don’t forget or lose your master password or your emergency kit because, as a security precaution, password managers don’t typically offer a way to recover it. If you’re locked out, there’s no way back in.
Once you’re all set up with your account and master password, you can download the software to your devices. Typically, you’ll be prompted to download the app that corresponds to the operating system you’re using when you set up your account (iOS, Android, Windows or MacOS). You can also find download links on your password manager’s website for any other devices you may want to use your password manager on. If your password manager offers a browser extension, go ahead and install it — it will make autofilling your passwords on sites much easier.
After that, you’ll need to add your passwords to the password manager. Most password managers offer easy ways to import your passwords from various locations, whether that’s your browser, a spreadsheet or another password manager. You can also input your passwords manually.
Once you’ve got your passwords loaded into your password manager, you’re good to go. As long as you’re logged into your password manager, it will offer to fill in your login information as you visit the sites and services you use online. It will also offer to save new, secure login credentials on new accounts you create — ultimately saving you from putting your online security in peril.
For more information on how to protect yourself online, read about five ways to safeguard your data, nine rules to protect against cyberattacks and how to conduct a cybersafety check. And take a look at how two of the top password managers stack up side by side.