It’s time to delete that “passwords.xlsx” file on your corporate server or personal laptop. There’s no place in today’s threat landscape for unsecured login info or duplicate credentials: to truly protect yourself, you need a more robust solution. And it has to be secure enough to entrust with your identity, while efficient enough to keep login time to a minimum.
Thankfully, a good password manager is a simple & immediate boost to your security. In fact, it’s one of the few security measures that actually add convenience to your day!
The biggest challenges for modern passwords are complexity, variety, and ease of use. You need a hard-to-guess password, and you should never use the same password twice. But how can you meet those criteria for dozens of accounts, while still easily remembering each set of credentials? How do you remember which string of random characters to use?
This is especially difficult for groups who need to share passwords between multiple users, whether that’s for a shared work email or your family’s Netflix account. Sharing credentials with your trusted circle needs to be simple, but you don’t want to risk unauthorized access.
Finally, a password manager is essential for more somber reasons: legacy planning. The death of a loved one is already difficult, and the frustration of closing accounts can exacerbate that grief. A password manager preserves those credentials if the unthinkable happens, providing some small convenience in the midst of a logistics hurricane.
Many people keep a list of all their passwords – either in a notebook, on their phone, or in an Excel spreadsheet somewhere. But an unencrypted list is vulnerable to theft, and then you’d really be in trouble. The same goes for browser-based approaches (“Would you like Firefox to remember login info for this site?”). It’s somewhat convenient, but the security just isn’t there to back you up.
A fully-fledged password manager solves these problems, by storing and securing your credentials while allowing controlled access to the devices you specify. Password managers employ a much higher level of security, with recovery options and Multi-Factor Authentication, plus account settings you can tailor to fit your security needs.
You've likely heard of password managers before -- and it's possible that, like many people, you're avoiding the transition because it sounds like a lot of extra hassle. But a well-executed password manager not only improves your security...it actually makes it easier to access your credentials!
Because password managers are account-based, your credentials are available on both desktops and mobile devices. Sharing a password with a family member or coworker is also a simple process, directly within most password manager apps. Compare that to a paper list you have to carry around and risk losing, or a digital spreadsheet that you need to pull up every time you try to log in.
Every password manager is different, and choosing the best fit for you will depend on your security needs, the people you work with, and whether you’re open to a paid service versus a free one. In our recent session, we created a sample account with LastPass – but the following steps apply to any major password manager. Here’s a brief overview of the process.
Once you’ve chosen a service, you’ll need to create an account and establish your settings. This involves establishing a single overall password for your account, and you’ll want it to be a strong one. Once you’re all set up, this is the only password you’ll need from then on.
Next, you should immediately enable your recovery settings, as well as Multi-Factor Authentication. Because this service will be so critical to your online identity, you need these extra safeguards to prevent unauthorized access and ensure you won’t accidentally lock yourself out of the account.
Once your account is set up, you need to ensure that your chosen password manager is accessible on every device you use. Install the app & browser extension on each device, then log into your account on each. You may need to enable certain settings on your device – iPhones, for instance, require you to enable AutoFill in settings before these apps will function properly.
One last note on this: most free password managers limit your number of devices per account. LastPass allows multiple devices on its free version, which is one reason we recommend it, but if you want to use another option you’ll have to weigh the convenience against a (relatively small) monthly account fee.
Once you’ve set up your account and linked it to each of your devices, it’s finally time to enter your credentials and start cleaning up. At the end of this process, all of your online credentials will be secured within your password manager…and nowhere else.
Add each set of credentials to the manager, then immediately delete them from wherever you’ve been saving them until now, whether that’s your browser/phone memory, an Excel document, or even a paper list! The password manager’s security won’t mean a thing if your outdated lists are compromised, so destroy this data as thoroughly as you’re able.
For an extra layer of security, you can also generate random passwords, either directly within most password managers or from an external website. Because a string of random characters is more secure than a similar-length password of common English words, your accounts will be harder to breach. The passwords will also be harder to remember and write, so if you frequently need to share the password with others or type it out manually this may overcomplicate things.
As we’ve said before, an effective password manager is one of the few security features that actually increase your productivity as well. By collecting and safeguarding all of your online credentials, you can streamline your work even while increasing its defenses.
That dual commitment to both productivity and protection is a core aspect of the work we do every day, so if you’ve been looking for ways to improve your organization’s performance, consider starting a conversation with Mytech. See how we’re Making IT Easy for our clients, from simple steps like password management to far more sophisticated solutions.