Home Password Manager
Post
Cancel

Password Manager

Password Managers

There are many password managers available on the internet. But which one should you use? What should you look for? Is there one that works for everybody?

The answer to all of those questions depends on your needs. Every password manager out there has its pluses and minuses. Some are free, some cost money, some are open source (what does that even mean?). In this article we will talk about all of that.

We will discuss

  • What is a password manager?
  • Why do we need a password manager?
  • How to choose a password manager
  • How to install the password manager you choose
  • How to install the browser plugin for the password manager you choose
  • How to install the password manager on your phone
  • How to get your existing passwords into the password manager
  • How to create new passwords and store them in your password manager
  • How to export your data and change password managers

There are always new password managers coming out. So this article might be dated quickly. But I will cover the basic concepts at the time or writing, and those should carry through to the latest and greatest.

Hopefully this article will help you get started.

What is a password manager?

A password manager is a piece of software that allows you to securely generate and store your passwords for different sites and applications. Ideally you should only need to know one password and that is the password to your password manager. From there the software should take over all the work of remembering your usernames and passwords for a given website.

Why do we need a password manager?

What if you never had to remember a password again?

It seems to happen on my facebook at least once a week, “Please don’t open any messages from me, I have been hacked”. This is probably the most visible reason you need a password manager, among other tools we will talk about in later posts.

For this example lets say it was you that had your facebook account compromised. If the attacker got your password, what else did you use that password for? Did you use it for your bank account, stock brokerage account, Doordash, or anything else?

I don’t know how many of you know that your data has most likely been leaked by any number of breaches. A lot of those breaches included passwords in the clear or using very weak methods to encrypt them. The companies that are the “victim” of these breaches don’t have to notify you that they lost your data. So if company X that you made an account on 2 years ago using that password is exposed, how would you know?

Another problem is how are you supposed to remember your passwords? You can use the same password everywhere, but as highlighted above that leads to a lot of work if one company or site loses your data. You could write them down on paper, but then you need to carry that book around and if it is lost, so are all your passwords.

A password manager can do a lot of things for us. It can generate new, secure passwords for us. Long passwords that are hard to guess and take a long time for even a computer to guess. It can make it so we have a different password for each website we log into. It can also make it so you never have to worry about remembering a password again.

Some password managers let you store your credit card data in them so it is secure and you don’t have to run for your wallet every time you buy something. This also makes it so you don’t risk your credit cards being stored in a website that you bought that really cool coffee cup for mom last Christmas and will probably never buy from again.

There are a lot of extra functions in modern password managers. Some will watch for data leaks and let you know which passwords are compromised. Some will even go to a website for you on the click of a button, change your bad password, create a new one and store it in the manager.

Here is our list of requirements for a password manager

  1. We need a place to store your passwords so you don’t have to remember them
  2. We need a way to generate a good password that isn’t easy to guess and that we don’t need to remember.
  3. We need to be able to access our passwords from our computers, phones and other devices securely and easily.
  4. We need the data on our phone and computer to sync so we have the latest information all the time. If we change our password on the computer our phone should know about it ASAP.
  5. It would be really cool if the password manager would automatically fill in my username and password for me.
  6. Where does the data live and who holds the keys to the encryption? Ideally it is us and on our devices only, but that would impact other requirements so we will need to make some trade offs.
  7. Our password manager needs to work on all our devices, PC, Mac, iPhone, Andriod and in our web browsers.
  8. If we forget to store the last password we generate, we should be able to recover it.

Extras that would be nice to have:

  1. We would like to be able to store other data in our password manager, like credit cards, secure notes, etc.
  2. We would like it if our password manager could scan the “dark web” for us and tell us if we have any passwords that are compromised.
  3. We would like it if our password manager could tell us which passwords we have that are duplicates.
  4. We would like it if our password manager could change some passwords for us.
  5. We would like the ability to share a password with our spouse or others that might need it. Cough cough Netflix….
  6. We would like our password manager to use 2FA. What is 2FA? We will get into that later and in another post.

How to choose a password manager

Well first what are out options? Where do we even start to look?

Below is a list of popular options as of the writing of this article.

Rather than try to review all of these, I will leave some links below to full reviews from trust tech websites. I will quickly go over the features of a few of the options so to try and make it simple.

CNet password manager review

PC Magainze password manager review

LastPass Highlights

LastPass has been around for a long time. It was one of the first password managers I used.

Some of the pros from my stands point:

  • It works with everything, Windows, Mac, Android, iOS and I think they even have a Linux version.
  • It works in all the major browsers
  • We can store payment cards and bank account information in it.
  • It has dark web monitoring and a security dashboard in the premium version.
  • It supports all the 2FA options I can think of. More on this later.
  • We can store notes and other data in it.
  • We can categorize our information, passwords, notes and so on.
  • We can share our passwords with our spouse and other people.
  • Regular audits, penetration tests and bug bounty program.
  • The master password (your password for the system) is the key to unlocking your data.

Cons:

  • The interface can take a minute to learn and find things
  • Most features are not available in the free version.
  • The system isn’t open source so there is no way for us to know if there is a back door into the system.

1Password Highlights

This post is licensed under CC BY 4.0 by the author.
Recently Updated
Contents

-

-