Passwords are everywhere and sometimes the last line of defense between a person and your personal information. Whether it is your banking information or your social media accounts, passwords are everywhere. Security and IT experts will tell you, to keep things secure, each password should be different and not something easy to guess. When presented with this, most people ask me how they are supposed to remember all of them. In most cases they use something easy to remember (and guess) with either different variations of it or just the same password across multiple websites. Otherwise they end up locking themselves out of their accounts and constantly having to reset the passwords.
All browsers will save your passwords also but keep in mind that those are stored locally to the computer and would be easy to compromise if the PC were stolen or even infected with malware. If you have a Google account, you can sign into Chrome and use it to save passwords there. As much as I like Google, they are a company designed to sell information they collect. I am not sure I would want to trust them with passwords. Not to mention, this is limited to the Chrome browser. If you use a more secure and privacy based browser like Firefox, it is not an option.
This is where I recommend a password manager like LastPass or Bitwarden. They are companies designed around password management and keeping those passwords safe. They both have browser extensions for most browsers allowing you to keep your passwords at the ready. They will automatically fill in the fields in most websites just like when they are saved in the browser. You can use it to randomly generate a password making it impossible for someone to guess. Then save that password linked to the site.
What about passwords, pins, etc that you need to access and are unable to add the browser extension or aren’t even online related? Pin or password to log into the time clock or computer at work? You can manually add them to your account and use the app on your phone to access it. You can also manually add secure notes, credit card or payment information or anything else you use often online but need it stored in a secure way.
LastPass and Bitwarden both have free accounts that will be suitable for most users. However they have additional paid options to keep your information as safe as possible. From searching the dark web for you accounts and personal information to see if any of the passwords have already been leaked to business accounts that allow teams to securely share passwords. Business accounts are perfect for small, medium or large teams that work together on projects that force them to utilize single accounts or secure information across multiple team members. You can even share passwords with security measure set to not allow them to see the password but utilize it to log into the site or application.
The mobile apps for these also have many features. In most cases you can utilize the app to log into other applications that require authentication. If you have a fingerprint reader you can use that to authenticate instead of using the master password or site password.
Password managers are secured by one master password that allows you to utilize the rest of the logins from there. While this can be a little risky because one password accesses them all, you can make that one password as secure as possible to keep the rest safe. Keep in mind when saving to the browser the way Chrome, Edge, and Internet explorer do, the single password is also all that is needed to access all of the others.
However, you can also use additional settings within the password managers to keep your passwords safe, such as making it ask for the master password before filling in any other passwords. That way if someone gains access to your PC while you are logged in already, they still need the secure master password to get to or use the rest of them.
One of the aspects of security is to make access to the secured data hard or time consuming. All encryption (for example) can be cracked given the right information and a lot of time. With that said, ideally the most secure way is for someone to make every password different, nothing related to the user (such as random letters, numbers, and special characters) and to memorize each of those passwords. If this isn’t ideal, a password manager is the best alternative to that. It certainly beats keep those passwords written down somewhere insecure like sticky notes attached to a monitor (yes, this is common) or making the password “Password” (also more common than it should be).
CFLnet highly recommends LastPass or Bitwarden to all of its Clients that need help keeping their passwords safe but still accessible to their users. To find out more about how they work or how to install/use them follow the links below.
LastPass – https://www.lastpass.com/how-lastpass-works
Bitwarden – https://bitwarden.com/products/