Why Aren't You Using a Password Manager?

Picture of a vault door

Do not reuse passwords

One of the best ways to improve your Internet security is by using a different password for every site you login to. If you’re using the same password for multiple sites, it is easier for you to get hacked.

Reusing the same password is dangerous because if one of your accounts gets hacked, the hacker likely has your email, password, name, and contact info, which they can then use to login to your other accounts like Facebook, Amazon, Gmail, Yahoo, online banking, etc. The damage done can be extensive and also lead to identity theft.

But how are we supposed to remember dozens even hundreds of long passwords for our accounts? We can’t! That’s what password managers are for. A password manager stores and encrypts your passwords and requires a master password to get into the password manager itself. A password manager is a vault for your passwords.

Browser-based password managers

Good news. If you use Chrome, Firefox, or Safari (iCloud Keychain), you already have a free, easy-to-use password manager. These browsers have a password manager built in. If the browser asks to save your password, that’s the password manager. Click “Yes” and your username and password will be saved. The next time you try to login to that site the password manager will have remembered your login information and will automatically fill in your credentials or let you click to fill in.

Browser password managers are simple and convenient. If you login to the browser, the browser can sync your passwords, extensions, and other browsing information to the cloud. Now you can sit down at a computer anywhere, login to a browser that manages your passwords, and the browser will remember your login information for your sites. Do keep in mind though that with browser password managers you are trusting the browser company with all your passwords. Browser password managers have a pretty good reputation for security so far, but the Opera browser password manager was compromised in 2016.

Cloud-based password managers

There also dedicated password managers that sync to the cloud. Two popular password managers are Lastpass and Dashlane. You can find more by Googling “best password managers” and finding a recent comparison from reputable tech site. Cloud syncing password managers usually cost money but they provide extra features such as password generation, 2-factor authentication, and storage for personal information besides passwords. Again, as with browser-based password managers, your are trusting a company to keep your passwords safe. Cloud-based password manager extensions, in particular, have been found to have vulnerabilities, and the password manager OneLogin was hacked in 2017.

Non-cloud-based password managers

If you don’t trust a software company with your passwords that is understandable but there’s still hope. You can you a non-cloud based password manager. A popular password manager of this type is KeePass. You can download KeePass for free and it saves your passwords to your computer’s hard drive, not the cloud. You can then login to KeePass and save/manage your passwords. Unless you download a browser extension, you will have to copy your passwords from KeePass and then paste them into website to login. While not as convenient as cloud-based password managers, this type of password manager is arguably more secure.

With all these options available, there’s sure to be a password manager that’s right for you. And once you start using a password manager, you’ll wonder how you ever got by without one.