It's Probably Time to Start Using a Password Manager
With nearly every consumer product and application on-line now, the number of credentials every person must use has increased dramatically. According to DashLane, the average e-mail address is associated with 130 passwords. Practically speaking, no one can remember all username and passwords, which is a major security issue. Thankfully, many password managers are on the market to assist with this issue.
Background
Once companies and the various services they offer migrated on-line, the need arose for multiple login credentials. In the Internet's infancy, one might have been able to remember what they needed for logging in - email account, Amazon, eBay, and a Bank Account might cover most of it. Now, with both the near ubiquity of on-line business presences and the introduction of security rules governing password creation (Uppercase, special characters, etc.), remembering all passwords is impractical. Fortunately, password managers are a powerful tool to combat this conundrum.
Password Managers typically have you remember one "Master Password". This is "the one" you have to remember (and never write down). Knowing this password grants you access into the application where the remainder of your information is stored. It is important to note that your password is never stored anywhere on your device, in the "Cloud", or anywhere else. This is part of the integrity of the security protocol.
With your password, the Password Manager employs encryption technology to encode your data. While I am simplifying somewhat, the important piece to note is that your data is encrypted with very, very difficult to hack methods. While anything is possible, you should rest very easy that your encrypted data, which is usually stored locally on your device and on your Password Manager Vendor's servers, is very safe. Indeed, worrying about your encrypted data being "hacked" should not dissuade you from using a password manager...these systems are far, far better than any system of writing passwords down somewhere.
Bear in mind, the integrity of the Password Manager products is based on securing whatever information you place in the environment. Every provider will have a lengthy white paper - and peer reviews - of their products available for you to peruse before deciding to utilize what it being offered. I suggest reviewing the Security White Paper for your provider to familiarize yourself with the technology.
Getting On Board
The vast majority of consumer have access to either a smart phone, tablet, or computer. Fortunately for me, those who do not are likely not reading this. Fittingly, every Password Manager available on the market will have applications available for each type of device. Additionally, they will share the following in common:
- Password Storage. This includes username and password information. For web browser plug-ins, information can be stored automatically on first time use.
- Password Generator. In order to have long, strong passwords using a multitude of different character types, Password Generators will literally generate passwords for you. When you see them, you will know what I am talking about when I say they are very, very strong.
- Secure Notes. Think of these as secure sticky notes where you can store sensitive information - alarm codes, access key codes, etc. Also, you can store the Security Questions that pop up from time-to-time on various systems.
- Sharing Capability. This is a powerful way to share access to the same account with a spouse, child, or other loved one.
- Web Browser Plug-In. Most Password Managers will have a Web Browser Plug-in available to auto-fill account credentials for you. This is a convenience...some websites will not allow auto logins, so you will still have to type in your passwords.
- Device Portability. Depending in the Password Manager, you may be able to access the application on multiple devices - smart phone, tablet, and computer. Some may charge a fee for this feature. This is a very convenient feature to have.
- Others. The various offerings will include other bells and whistles that may be to your liking. Have a look at a few and see which one fits your specific needs.
Once you have selected a provider, you will have to endure the rather painful process of visiting all your websites and apps to add your login credentials to your Password Manager. While it is a bit cumbersome, you only have to do it once...and each additional credential gets easier. Additionally, you probably needed to change your passwords anyway. Thenceforth, whenever you add another login credential from now on, you will always want to have your smart phone ready so you can add it right to your Password Manager.
Once you choose a Password Manager you like, there will likely be a "Free" version you can use that has only a subset of the overall designed capability. Obviously, this is to entice you to eventually upgrade to the "Full" version for a price. While I obviously discourage people from frivolous spending, I will say that money spent on a Password Manager Annual Subscription is money a very worthwhile investment. This is not an area where you want to cut corners...pay up for the full version of whatever password manager you use.
Here is the interface of the Password Manager I use:
Now let's review the benefits of using a Password Manager...
Benefit #1: Never Being Locked Out
It seems whenever we need it the most, technology sometimes fails us, especially if we are attempting to access a website we don't frequently visit. Password Managers significantly reduce the probability of this happening. You really do not want to be caught out when you are trying to transfer funds or modify allotments to your 401(k) account. I freely admit, there is always tech support...
Benefit #2: Secure Passwords
Now that you have a secure way to store and generate passwords, your accounts will be "more secure" as you will no longer have the easy to discern birthdates, children's names, and other publicly available information in your passwords. Additionally, you will not have to use the same password for multiple accounts - a practice any reputable security expert will tell you to avoid.
Benefit #3: Sharing Passwords
For families, there is an inevitability of multiple clients for the same account. In these instances, password sharing is an invaluable tool. This has applications for parents with younger children obviously. Concomitantly, it also has benefits for adults with older parents whose accounts need to be monitored to insure bills are paid, accounts are not overdrawn, and to perform general checks for suspicious activity.
Benefit #4: A Thinner Wallet
The Premium Versions of some Password Managers have a specific application for storing credit card information. Therefore, if you use a specific credit card for on-line transactions, where having the actual physical card is not required, you can simply use the information stored in the Password Manager to complete your transactions. Thus, you need not carry the actual card with you. The same logic applies for your Social Security Card, Birth Certificate, Passport, and other items where you may need the information, though you need not have the physical document with you.
Benefit #5: Estate Planning
Being the Executor of an Estate is one of the more daunting tasks you can assign to someone, especially if they have no prior experience in the craft. The job is made even more difficult when the Executor has no blueprint of your financial life. Providing your Executor Emergency Access to your Password Manager can at least inform him/her where your accounts are. Then, your Executor can use that information to aid in your Estate Settling. Moreover, if you have Digital Assets - think Facebook, Twitter, LinkedIn, Instagram, etc. - he/she can follow those entities' protocols for managing your accounts going forward. And finally, you also have use of secure notes to detail exactly where the original Estate Documents are. Provide as much detail as you can....we won't be able to ask you anything at that point!!!
Conclusion
The widespread use of passwords for account credentialing necessitate a secure means to store and use this information. Gone are the days of using the same password across multiple accounts. We simply cannot afford to have any of our accounts compromised. A Password Manager is an ideal way to address this need. Go and research a few Password Managers and then start using one.