I’m going to be blunt: Please start using a password manager. It will make your life easier and will help protect your personal information, such as your email and banking accounts. I’m hoping those two sentences alone will be enough to get you to make the move to using a password manager. But if you’re the sort of person who needs a little convincing, keep reading.
What is a Password Manager?
A password manager is a program that keeps track of usernames and passwords for you. You use a single master password to access the list. Ideally, this master password is at least 12 characters long with great complexity (e.g. “yU%^8ui!-+1G”) or very long with moderate complexity (e.g. “do++U++want++A++piece++OF++pumpkin++PIE?”). I prefer the latter because I can memorize it, and this is the only password I have to memorize. All of the rest are managed by the password manager and can be very, very complex – so complex that I have no chance of memorizing them. If you’re not using a password manager, it’s for one of following reasons:
- You don’t know much about them.
- You think they will be hard to use.
- You don’t want to trust a program to remember all of your sensitive data.
- You are in denial.
Why Stronger Passwords?
Let me work backwards on this list. If you’re in denial, it may be that you can’t imagine why anyone would want to access any of your information. Or perhaps you think the odds are on your side — there are 3 billion internet users — what’s the chance someone hacks into your life? It may surprise you to learn that half of all adults in the US have been hacked in the past twelve months. If half of the homes in your neighborhood had been broken into during the last twelve months, I’ll bet you would be looking for a new place to live! From another perspective: Think of your five closest friends. Together, there are six of you and chances are good that three of you have been hacked. Do you also leave your home or apartment unlocked with the windows open? Do you always leave your car unlocked?
Let me state this more clearly. If you continue using easy to just moderately hard passwords, you will have some aspect of your electronic life hacked and the results can be devastating.
Let’s examine the third reason on this list. Perhaps you think it is ludicrous to trust a program with remembering all of your sensitive passwords. I do understand that thinking. My first argument would just be that the merits of a password manager far outweigh the risk. There are probably two things that could go wrong if you’re using a password manager. Your first worry could be that the program goes haywire and corrupts or loses all of your data. The second could be that someone gains access to all of your data which you have neatly compiled into a single place. If you use a password manager, you fear, you’ll be at great risk if your master password is stolen. However, almost all password managers use two-factor authentication. If you enable two-factor authentication with your password manager, then even having your master password compromised will leave you protected. Your risk here is very small, much smaller than the risk you face by using nothing at all. I am not aware of any horror stories related to lost data from a password manager. If that happens, it will stink, but you’ll recover. And in the meantime, you’ll have been using really hard passwords.
Which brings us to the second reason in our list — you think it will be hard to use. I’ve convinced many users to move to using a password manager. Generally, I’m recommending LastPass because that’s what I use. In just about every instance, the person comes back to me and says “I don’t know why I waited so long. This is much better!” A good password manager simplifies logging into websites. Generally, they automate some or all of the task. They even recognize when you change a password and prompt you about saving the new password. I don’t have to remember to go update LastPass…LastPass sees me changing the password and presents a pop-up asking me if I want to save the change back to LastPass. LastPass also has a password generator — which I always use — so that I can have it generate the absurdly complex passwords (and, of course, it saves that password for me in the same step).
Recommended Password Managers
And now we’re up to the first reason on the list – you don’t know much about password managers. Hopefully, we’ve moved you forward on the learning curve. So get started. Here’s my short list of recommendations:
And please consider using two-factor authentication, as well. That way, when you compare notes with your five closest friends, you’ll be confident you’re not one of the three who’s had his online life hacked.