What is a password manager?
A password manager is an app that remembers your passwords, so you don’t have to. You only need to remember one master password for opening the app to get access to all of your saved passwords.
Most password manager apps also:
- generate secure passwords (long, random ones that would be hard to remember, and hard to hack)
- auto-fill them when you need to use them
- synchronize your data between your desktop computers and mobile devices
- securely store other information, such as credit cards, passports, addresses, wi-fi passwords, and more)
Some examples of password managers:
What if the password manager gets hacked?
Many people tell me that the reason they don’t use a password manager app is that they worry that it will get hacked and someone will then have access to ALL of their passwords.
That feels like a reasonable fear when you first think about it. But if you look into it a bit more, you’ll see why it’s a good idea to use one.
Trusting a password manager
I look at two sources of information when evaluating the safety of apps like these:
- The app developer’s security documentation
- What independent security experts have to say about this issue
How security works — 1Password example
Let’s use 1Password as an example. Here are some useful things to know about how it works, from their documentation.
If you’ve been imagining your master password floating around the Internet somewhere, vulnerable to being hacked, no wonder you’ve been worried. It stays only in your head (or wherever you write it down… and store in your home).
Security experts recommend using a password manager
Here is what security expert, Bruce Schneier says about using password managers in “Choosing Secure Passwords”
“Even better is to use random unmemorable alphanumeric passwords (with symbols, if the site will allow them), and a password manager like Password Safe to create and store them”
The Electronic Frontier Foundation recommends the use of a password manager on their page, “Creating Strong Passwords.” They also remind us why using the same password on multiple sites is a very bad practice.
Reusing passwords is an exceptionally bad security practice, because if an attacker gets hold of one password, she will often try using that password on various accounts belonging to the same person. If that person has reused the same password several times, the attacker will be able to access multiple accounts. That means a given password may be only as secure as the least secure service where it’s been used.
Why I like 1Password: convenience and security
I’ve been using 1Password for many years. I use it on my iPhone, iPad, and Macbook Air. I’ve never had a problem with it, and it makes it possible to use long, random, secure passwords that I would never be able to remember without it. It’s great to have all that data with me on my iPhone, whenever I need it (fully encrypted and secure).
Learn to set up and use a password manager (and other useful apps for organizing your life)
In my course, Using Apps to Manage Information and Stay Organized, you’ll get step-by-step help with setting up 1Password, and other apps for managing the information in your personal and professional life. The course includes video demos, handouts, readings, and plenty of chances to ask questions.
With the knowledge from this course, you’ll be able to
- Synchronize information securely between all your devices (mobile and desktop).
- Generate secure passwords.
- Automatically back up your smartphone’s photos.
- Create to-do lists that are accessible from all your devices.
- Go paperless if you wish, and make best use of your mobile devices.
- Understand best practices for security and learn how to decide what levels of security make sense for different types of information.
- Create your own app guides, offer workshops, and advise your users and colleagues on best practices for managing their information.
Learn more and sign up! (Begins September 5, 2017, and runs for five weeks).