Is it safe to use a password manager to keep track of your passwords?

Is it safe to use a password manager to keep track of your passwords?

What is a password manager?

A password manager is an app that remembers your passwords, so you don’t have to. You only need to remember one master password for opening the app to get access to all of your saved passwords.

Most password manager apps also:

  • generate secure passwords (long, random ones that would be hard to remember, and hard to hack)
  • auto-fill them when you need to use them
  • synchronize your data between your desktop computers and mobile devices
  • securely store other information, such as credit cards, passports, addresses, wi-fi passwords, and more)

Some examples of password managers:

What if the password manager gets hacked?

Many people tell me that the reason they don’t use a password manager app is that they worry that it will get hacked and someone will then have access to ALL of their passwords.

That feels like a reasonable fear when you first think about it. But if you look into it a bit more, you’ll see why it’s a good idea to use one.

Trusting a password manager

I look at two sources of information when evaluating the safety of apps like these:

  • The app developer’s security documentation
  • What independent security experts have to say about this issue

How security works — 1Password example

Let’s use 1Password as an example. Here are some useful things to know about how it works, from their documentation.

If you’ve been imagining your master password floating around the Internet somewhere, vulnerable to being hacked, no wonder you’ve been worried. It stays only in your head (or wherever you write it down… and store in your home).

Security experts recommend using a password manager

Here is what security expert, Bruce Schneier says about using password managers in “Choosing Secure Passwords

“Even better is to use random unmemorable alphanumeric passwords (with symbols, if the site will allow them), and a password manager like Password Safe to create and store them”

The Electronic Frontier Foundation recommends the use of a password manager on their page, “Creating Strong Passwords.” They also remind us why using the same password on multiple sites is a very bad practice.

Reusing passwords is an exceptionally bad security practice, because if an attacker gets hold of one password, she will often try using that password on various accounts belonging to the same person. If that person has reused the same password several times, the attacker will be able to access multiple accounts. That means a given password may be only as secure as the least secure service where it’s been used.

Why I like 1Password: convenience and security

I’ve been using 1Password for many years. I use it on my iPhone, iPad, and Macbook Air. I’ve never had a problem with it, and it makes it possible to use long, random, secure passwords that I would never be able to remember without it. It’s great to have all that data with me on my iPhone, whenever I need it (fully encrypted and secure).

Learn to set up and use a password manager (and other useful apps for organizing your life)

In my course, Using Apps to Manage Information and Stay Organized, you’ll get step-by-step help with setting up 1Password, and other apps for managing the information in your personal and professional life. The course includes video demos, handouts, readings, and plenty of chances to ask questions.

With the knowledge from this course, you’ll be able to

  • Synchronize information securely between all your devices (mobile and desktop).
  • Generate secure passwords.
  • Automatically back up your smartphone’s photos.
  • Create to-do lists that are accessible from all your devices.
  • Go paperless if you wish, and make best use of your mobile devices.
  • Understand best practices for security and learn how to decide what levels of security make sense for different types of information.
  • Create your own app guides, offer workshops, and advise your users and colleagues on best practices for managing their information.

Learn more and sign up! (Begins September 5, 2017, and runs for five weeks).

Cyber Security and Privacy: July 6 webinar

Cyber Security and Privacy: July 6 webinar

If you read today’s headlines about security breaches, you might be thinking of going back to fax machines and snail mail. Or you might be assuming that privacy is dead and we may as well get used to it (and you have nothing to hide, right?)

While there is no such thing as foolproof security and privacy, there is a middle ground that you can find by understanding and using particular techniques.

Have you ever wondered about the following questions?

  • Is your laptop or smartphone’s traffic being harvested when on public wi-fi?
  • What’s the best thing to do if your device is lost or stolen?
  • (more…)

Getting over your resistance to using a password manager

Manage your passwords
Do you still use the same password on multiple sites? Or perhaps you keep a list of all your passwords on paper, or in a file on your computer?

If so, I’d like to suggest that it’s time to finally give a password manager a try. No system is completely foolproof, but using an app like 1Password is much more secure than re-using passwords you can remember. If a site gets hacked and you’ve used the same password that you use on other sites, it’s very likely that your password will be tried everywhere — on sites that you care about, such as bank accounts, shopping sites, and more.

Here are some reasons to use it: (more…)

Organize your life with mobile apps: online course

lower stress, function smoothlyI’m in the midst of creating a new online course called Organize Your Life with Mobile Apps. If you’ve ever lost important information or forgot to bring it with you, this will help.

Have you been too busy to find and set up the best apps for organizing your life?

I’ve met many people who tell me they are too busy to set up and use any new apps. They use email, web browsers, Facebook, and a few games on their iPhone or Android smartphone — but not productivity apps. If this sounds like you, this course will help. (more…)