We all know the “right” way to create and use passwords, but very few of us actually follow the guidelines. It’s important to come up with passwords which are hard (if not impossible) to guess, using lots of characters of different kinds; also, once you have this strong password, you have to refrain from reusing it on more than one account.
Password Managers: how to use them
Needless to say, this is easier said than done! A password that’s difficult for someone else to guess is also difficult to remember, while using a different password for every website and service you use can make managing them all a real nightmare.
Thankfully, there’s a solution to this, and it’s called a password manager. This tool stores your password information from all the websites you’re registered on and allows you to log in to them automatically. Since they encrypt your entire password database with a single master password, there’s only one code that you need to actually remember.
First of all, it’s important to understand why it’s not a good idea to reuse passwords. No matter how big and seemingly secure a website is, there’s always the potential for hackers to obtain your user information.
It’s bad enough when this happens for one particular website, but these people can also then use your user ID, email address, and password for other websites as well, and can easily gain access to all of them if you reuse your password.
To mitigate the damage done in such cases, you should have a unique, strong password for every one of the websites you use. And to keep track of all of them, you should use a password manager! Here’s how this works:
What a password manager basically does is store the user information for all your online services. You just have to log in using a single master password and this tool will automatically fill the necessary information into the website’s fields: username, email address, and password. All you have to remember is the master password, everything else is taken care of!
Now, you might be thinking, “wait doesn’t my browser do something like that already?” Well, sort of. Popular browsers like Chrome, Internet Explorer, and Firefox all store you account information, but the first two don’t encrypt it – anybody with access to your computer could easily find that information.
Firefox, on the other hand, does have a master password feature which allows you to store passwords in an encrypted format, however it lacks other features a password manager has, like the ability to generate random codes (which make for really strong passwords) and cross-platform syncing).
So what are some good password managers you could use? Two of them are particularly popular: LastPass and KeePass.
LastPass is a cloud-based password manager which features extensions, mobile apps, and desktop apps for every browser and operating system you could ask for.
It is not only very convenient and easy to use, but also extremely secure: the program stores your passwords on LastPass`s servers in encrypted form, however it then decrypts and encrypts the code locally whenever you log in. This means LastPass can never find out your information, even if they tried!
KeePass is a great solution for those who are bit uneasy about storing their login information in the cloud. It is a free, open source, cross-platform and light-weight password manager which stores its database locally and gives you a great amount of control of your user experience.
Since it is open source, you can even have a look through the code and build your own plug ins, however this won’t be of much use to you unless you really know what you’re doing – if not, simply leave the coding to the professionals!
The most important thing when using a password manager is choosing the right master password – and then remembering it. Naturally, this has to be a strong password, so don’t use anything obvious like “012345” or your birthday, but instead put together a meaningless string of letters (both lower and upper case), numbers, and symbols.
You will of course have to remember this password, since if you lose it, you lose access to your saved passwords – but this should be a reasonable task now that there’s only one code you need to memorize. You might even want to write it down and put it somewhere safe, just in case you do forget.
It’s also worth noting that you can use password managers to safely store other kinds of data, like credit card numbers or various notes and messages.
And since password managers fill account information based on the web page’s URL, they can also be used to guard against phishing. If you’ve loaded a web page and the information doesn’t immediately get filled in, it’s possible you’ve landed on a phishing website and you should proceed with caution.