It seems like every day you see on the news or read on the internet about another data breach and passwords being stolen.
In most breaches password information is stolen. How those companies have secured that information will determine if it can be easily used by the thieves. Whether or not they can, you’re told to change your passwords after a breach. What if, heaven forbid, you use the same password at multiple websites? You, my friend, can be in a world of hurt. Not only is that bad security practice, it just makes it easier for the thieves to access your other accounts with ease. I know you’re thinking, “I can’t remember every password I use at every site I sign up with! That’s why I reuse or use variations of one password!” Password managers exist to make your life easier and if you’re not using one today, you should be.
So what is a password manager and why should I use it?
A password manager is software that holds your password information in one place (or a vault) for easier use across websites. Most of them secure the data with encryption making them safe to use. You should be using one because they have functionality built in to generate random, strong passwords so you don’t have to remember the password for each site. You only have to remember one, the one that logs you into your vault. Strong passwords are passwords that have multiple variations like uppercase, lowercase, numbers, special characters and are typically longer that 8 characters.
Which one should I use?
There’s multiple options out there and it’s really up to what you’re looking for. Most have a free version and have a premium version with a monthly or yearly fee. They also are cross-platform, allowing you to use them on Windows/Mac and Android/Apple. All have two-factor authentication options as well as mobile apps on Android/Apple. Here’s a few:
Bitwarden – I use this one as its open source and developed by one person. It rivals its competitors with features but isn’t quite at the same level as others, being that it is maintained by one developer. Feature parity isn’t on par with Lastpass just yet but it’s getting there. If you want to support the little guy and support open source, go with this one. You can even run your own server of it, if you feel so inclined. While the developer is responsive to issues/requests, it takes much longer to be implemented as it’s just one guy running the show. Premium is $10 a year.
Lastpass – The standard and most recommended. I used this for quite a while and while it works pretty well, it was acquired by LogMeIn a few years back. LogMeIn’s parent company has a way of removing features and increasing price with their products. In expected form, they recently increased the premium tier price by double what it as previously. You can access it for free on a mobile device (it was not free before). They have a security checkup tool that allows you to see if your passwords are strong enough. Another option they have is credit monitoring should your information be stolen (a free tier and monthly paid options available). THey also have a family option to have multiple people use the password manager. Customer service suffers a bit if you aren’t a premium member. Premium is $24 per year. The LastPass plugin is not working correctly with Firefox and hasn’t been for a while, if you are a user of Firefox.
1password – Another option that I don’t have much experience with it’s geared towards Mac/Apple users. It’s local driven meaning the password vault is stored on your machine instead of in the cloud like the others. It’s $36 a year for individuals. It has several syncing options one of which allows you to bypass the cloud completely if you’re concerned.
Dashlane – Another oft-talked about option. However if you want syncing, which you’ll likely need, you need to pay $40 a year (more expensive than Lastpass). It’s mostly feature-same as Lastpass but the pricing is a bit of a turn-off.
Easily generated random, strong passwords, auto-filled when you visit web pages, a secure one-stop-shop for all your passwords. I highly recommend using a password manager and encourage you to check out each option and pick what fits you best. In the end, it’s much better than reusing the same password or storing them on sticky notes by your machine.