Pinterest Stumbleupon Whatsapp
Ads by Google

Choosing some sort of password management strategy to deal with the huge amount of passwords we need is crucial. If you’re like most people, you probably store your passwords in your brain. To remember them all, you have to cut corners — choosing weak, easy-to-remember passwords and reusing them for multiple accounts. But there are better ways — a good password management tool will allow you to use secure passwords without devoting lots of time to memorization.

We’ll cover a variety of different password management tools here, from the high-tech to the traditional. It’s important that you sit down and figure out some sort of password strategy Use A Password Management Strategy To Simplify Your Life Use A Password Management Strategy To Simplify Your Life Much of the advice around passwords has been near-impossible to follow: use a strong password containing numbers, letters and special characters; change it regularly; come up with a completely unique password for each account etc.... Read More . If you’re not using strong, unique passwords, you are vulnerable.

Your Brain

The human brain is the original password management tool. In a world where people only needed a handful of passwords at most, this worked just fine. These days, using only your brain to manage your passwords has become almost impossible. If you use passwords properly, you should use complicated, secure passwords 7 Ways To Make Up Passwords That Are Both Secure & Memorable 7 Ways To Make Up Passwords That Are Both Secure & Memorable Having a different password for each service is a must in today's online world, but there's a terrible weakness to randomly generated passwords: it's impossible to remember them all. But how can you possibly remember... Read More — and use a completely unique password everywhere.

Because this is so difficult, people turn to shortcuts like reusing the same password everywhere. With all the password leaks occurring Passwords Stolen From Last.FM, eHarmony And LinkedIn [Updates] Passwords Stolen From Last.FM, eHarmony And LinkedIn [Updates] The discovery of password security breaches at three popular sites has yet again reminded the web that using the same password for every site isn't a good idea. Passwords have been stolen from millions of... Read More , this is a very dangerous security practice. An intrusion at one website could result in your accounts everywhere becoming compromised.

This method is perfect for: People who somehow only need a handful of passwords and people with photographic memories.

human-brain

Ads by Google

Firefox or Another Browser’s Password Manager

Managing your passwords with just your brain is too difficult, so where does that lead us? Well, you can have your computer store your passwords for you. Sure, there’s some risk involved — but it’s much more risky to use the same password everywhere. If you have your computer manage your passwords for you, you can use strong, complicated, and unique passwords everywhere — you don’t have to remember them, so they can be quite complicated and long.

The most obvious password management solution is the one in your browser. Your browser asks you to remember passwords when you enter them. It will store these on your hard drive and prompt you to automatically enter them when you next view your website.

Firefox has the best built-in password manager The Firefox Mini Review - A Fresh Look At a Familiar Browser The Firefox Mini Review - A Fresh Look At a Familiar Browser Firefox took browsing to a whole new level. It offered a stable, open source, cross-platform browser with innovative features, such as tabs, extensions, and find as you type search. Granted, many of its features weren't... Read More . Its master password feature allows you to protect your stored passwords with a strong master password — this is the one you’ll have to remember. Your passwords are then stored on your hard drive in an encrypted form, so no one can snoop on them without your master password. Firefox can also sync these passwords in encrypted form with Firefox Sync, so you’ll always have a backup copy and you can use them in the Firefox browser for Android. Unfortunately, Firefox is only available for Android mobile devices, so you won’t be able to access your passwords from an iPhone or iPad.

We don’t recommend using the password manager built into Chrome or Internet Explorer because these browsers can’t properly protect your passwords — they store them on your computer in an unencrypted, easily accessible form.

This method is perfect for: Firefox fans who don’t want to use a separate password manager and have an Android phone.

firefox-password-manager-master-password

LastPass – Cloud-based Password Management

Password managers included with browsers aren’t amazing. Firefox’s is the best, but it has some major limitations — it can’t automatically generate a strong password for you, it’s unavailable for iPhone and iPad, and it doesn’t have a great interface for organizing and managing your passwords.

LastPass provides browser extensions and mobile apps for all popular browsers and platforms. It stores your passwords in encrypted form on LastPass’s servers — you need your master password to decrypt the passwords on your computer. It syncs and is available anywhere, whether you’re using Chrome, Safari, Firefox, Internet Explorer, Windows, Mac, Linux, Android, iOS, Windows 8, or any other browser or platform. It can automatically generate secure passwords for you and inform you when you’re using weak or compromised ones.

We strongly recommend LastPass as one of the best password managers you can get. The base version of LastPass is free. if you want access via mobile apps, you’ll have to get LastPass Premium LastPass Premium: Treat Yourself To The Best Password Management Ever [Rewards] LastPass Premium: Treat Yourself To The Best Password Management Ever [Rewards] If you've never heard of LastPass, I'm sorry to say that you have been living under a rock. However, you are reading this article, so you've already made a step in the right direction. LastPass... Read More — only $12 per year.

Of course, LastPass isn’t the only cloud-based password manager. You could also try something like 1Password 8 Essential Tools For the Digital Hoarder 8 Essential Tools For the Digital Hoarder Yes - I'm a digital hoarder - and my hard drive was so full I had to buy a 4TB NAS. Movies, music, photos, eBooks, stock footage -- I just know I'll get around to... Read More or Dashlane Dashlane - A Slick New Password Manager, Form Filler & Online Shopping Assistant Dashlane - A Slick New Password Manager, Form Filler & Online Shopping Assistant If you've tried a few password managers before, you've probably learned to expect some roughness around the edges. They're solid, useful applications, but their interfaces can be overly complex and inconvenient. Dashlane doesn’t just reduce... Read More .

This method is perfect for: People who want a do-everything app to generate their passwords, securely store them, and make them accessible everywhere. A good password manager can take a load off your mind.

autoamtically-filling-password-with-lastpass

KeePass – Local Password Management

LastPass stores your encrypted password vault in the cloud, which is convenient — but it may also be unsettling for some users. Some people may prefer to keep their passwords stored on their local computers, but want a more advanced, secure tool than the password managers built into web browsers.

KeePass is a free, open-source desktop app KeePass Password Safe – The Ultimate Encrypted Password System [Windows, Portable] KeePass Password Safe – The Ultimate Encrypted Password System [Windows, Portable] Securely store your passwords. Complete with encryption and a decent password generator – not to mention plugins for Chrome and Firefox – KeePass just might be the best password management system out there. If you... Read More . It runs locally on your computer and doesn’t sync with anything. If you want to back up your KeePass passwords or make them available on your phone or other PCs, you’ll have to move your password database file around manually. It’s a powerful, secure application, but it’s more complicated to use than other password managers — especially because it doesn’t provide browser integration or syncing by default.

This method is perfect for: Geeks who want full control over their own password database and don’t mind using a more complicated tool.

keepass password safe

Writing Down Passwords

Instead of relying on your brain or a piece of software, you may want write the passwords down in a notebook. This way, you’ll be able to use unique, complicated passwords everywhere without forgetting them. You also won’t have to worry about your password database being compromised.

If you do go this route, you should only write down passwords that aren’t very important. Passwords to unimportant websites are fine, but you shouldn’t write down the passwords to your primary email account (which could be used to reset your other passwords), online banking, or other important accounts. You should also store the notebook somewhere safe — don’t just throw it in your backpack or purse and take it with you everywhere. You’ll also lose your passwords if you misplace the notebook or it becomes stolen.

All in all, a notebook might be a great way to remember your Netflix password, but it’s not a secure way to manage every password. You’re better off with a proper password manager.

This method is perfect for: Passwords that aren’t very important.

blank-white-notebook

An Algorithm

If you do want to use only your brain, here’s a trick for you: Come up with some sort of base password and an algorithm to tweak it for each individual website.

For example, your base password could be fd#97sdX^Sik35. For Google.com, you could take the base password and turn it into gfd#97sdX^Sik356, because Google.com starts with a g and the domain name contains 6 letters. This is better than using the same password everywhere and still allows you to manage your passwords with only your brain and no third-party tools. However, this is just an example — ideally you’d modify the password more so it wouldn’t be so similar everywhere.

There are password generators that generate website-specific passwords based on a master password Safely Use The Same Password Everywhere with KeyGrinder [Web & iOS] Safely Use The Same Password Everywhere with KeyGrinder [Web & iOS] The golden rule when it comes to securing your online accounts is to never use the same password more than once. Even if you are guilty of breaking this rule for throwaway accounts, you should... Read More . These function similarly, essentially implementing the algorithm as software.

This method is perfect for: People who want to do it all in their own head.

man-thinking-about-passwords

Methods You Shouldn’t Use

Whatever you do, there are methods you shouldn’t use. These tricks are sadly quite common.

  • Using Weak Passwords: Yes, “password” or “letmein” are easy to remember, but you shouldn’t use them because they’re very easy to guess. We’re not joking about this either — these are some of the most common passwords found in leaked password databases, along with other obvious passwords like “123456.” You should choose a longer, less obvious passwords with a variety of different types of characters.
  • Reusing the Same Password Everywhere: So you’ve thought up a complicated, secure password — great. But you shouldn’t use this password everywhere. After one leak, your password can be paired with your email address to access many of your other accounts. They can even use it to access your email inbox if you used the same password for your email. Password leaks are one of the greatest password-related threats we face, so using unique passwords is extremely important.

These methods are prefect for: People who want their accounts compromised.

bad-password-practices

Which Solution Is Right For You?

So how should you manage your passwords? If you’re unsure, we recommend you try LastPass — it’s easy to use and works everywhere. But it’s not the only good option, which is why we’ve given you so many other ideas above. For more information, be sure to read our password management guide.

How do you keep track of all your passwords? Leave a comment and let us know!

Image Credit: X-Ray of Human Brain via Shutterstock, Blank White Notebook via Shutterstock, Thoughtful Man via Shutterstock, PIN Code Written on Palm via Shutterstock

  1. kevin thompson
    October 31, 2016 at 2:52 am

    Thoughtful analysis - I Appreciate the analysis ! Does anyone know where I can find a fillable IRS W-9 example to complete ?

  2. Roberta Spangler
    January 8, 2015 at 6:47 pm

    I like Roboform. I've had it off and on for years and, no matter what other manager I decide to try, I always come back to it. I pay to have it on all my devices, and it syncs across all of them so I don't have to duplicate work.

  3. Tony Pitman
    December 19, 2013 at 1:21 am

    I've been using oneSafe (password manager app) for a year and a half now and it's great. Easy to use and very secure. And you can synch all your info between your Mac and iPhone which is really handy. It's the best one I've come across so far.

  4. Gillian V
    December 2, 2013 at 4:27 am

    I'm curious that no one includes Passpack in reviews. Why not? I'd like to hear more.

  5. Russell Smith
    October 11, 2013 at 6:47 am

    Really, a bit of helpful in my case.

  6. Gillian
    September 26, 2013 at 3:09 am

    I use Passpack but don't often hear about it.

  7. gary
    August 26, 2013 at 5:31 pm

    not a single word about roboform?????????? been around for years, in about its 9th or tenth revision, works across devices and computer systems. i mean, seriously??????????

  8. ian speight
    August 7, 2013 at 7:25 pm

    Does anyone have any theories as to what to do regarding
    a life changing situation ? Death or serious injury
    where the Family of the victim, may need to access
    work stored on pc,but are unable to enter, through not
    knowing the passwords etc ?

  9. Larry
    August 7, 2013 at 6:09 am

    1Password isn't cloud-based

  10. J04NNY8
    August 5, 2013 at 4:39 pm

    Surprised! No mention of PasswordCard app? Simple, as strong as ya want it to be, and very very clean.

    Good article, though! Right stuff to get people thinking about.

  11. John (Jack) Morin
    August 2, 2013 at 4:53 pm

    I have been using RoboForm for years now and find it to be an excellent passward manager. I can create my own passwords and have RoboForm remember them or I can ask RoboForm to create one for me. I can stipulate the number of characters, the use of letters and or numbers as well as mixed upper/lower case characters. I can create a Master Password which allows me to access all my other passwords as well as preventing anyone else from accessing them. I do use other password managers such as Dashlane, KeePass and Lastpass all of which work well, But my favourite is still RoboForm. There is a free version which allows up to 10 passwords and a paid version ($29.95) which I have that allows an unlimited number of passwords. There are several versions available. Chek them out at http://www.roboform.com/.

  12. Guy M
    August 1, 2013 at 9:21 pm

    KeePass used with Google Drive and the KeePass app is a really useful way of having access to your passwords wherever you go. I love it.

    Erez did an article about KeePass and Dropbox - same concept.

  13. Er.Shivam Kumar
    August 1, 2013 at 7:30 pm

    the thing i like the most was informing readers to save password in firefox only and not in chrome coz being a internet security student i already know many software program which can easily snap all passwords from chrome and sends it to the attacker ,the second great thing was the algorithm part using this simple trick we just have to remember the base password and have to just customize it according to site great idea thanks for the info you may like to read:
    Career in Web Designing

  14. Kirk
    August 1, 2013 at 5:47 pm

    Steve Gibson of GRC.com and Spinrite fame thinks very highly of LastPass. I use and like it as a result.

  15. Dude
    August 1, 2013 at 3:36 pm

    I prefer to give my passwords straight to NSA, saves me a lot of hassle.

  16. Peter Hood
    August 1, 2013 at 11:34 am

    I recommend Mirek's free and very good PINs, which you can find here:

    http://www.mirekw.com/winfreeware/index.html

    It uses 448 bit blowfish encoding, has a powerful password generator that can generate passwords with digits, characters, upper and lower case, symbols and user defined characters.

    The package is multilingual, does not require extra dynamic link libraries, can be run from a USB stick (Mirek quaintly refers to running it from a floppy), can export to ascii, and on it goes.

    There are many other features including secure file erasing (though I recommend Eraser for this) and what tops it for me is that it is OSI Certified Open Source Software.

    Oubliette is another option, though no longer being developed it may already have security implications:

    http://www.tranglos.com/free/oubliette.html

    I used to like this package

  17. Gr3gw
    August 1, 2013 at 11:30 am

    I've used Sticky Password (http://www.stickypassword.com) for years. It's reliable and safe. One of its best features is that it can automatically log me in when I go to a website, no need to fetch the login name and password. Other features include logins for applications, form filling and safe memos. FIVE STARS!

  18. William M
    August 1, 2013 at 10:49 am

    Safe In The Cloud is another alternative. It keeps an encrypted copy on your drive & syncs one to their server. Very nice interface, easy to setup & use.

  19. Lisa Deutsch Harrigan
    August 1, 2013 at 9:01 am

    Roboform - Keeps not only passwords for the web, but also programs, and safe notes. And Personal IDs with Credit cards etc. In the cloud, on your computer, on a thumb drive and there are android and iThing apps. Everything is encrypted, can't get in without the password. Organization is pretty good, but they were a Web Browser Password keeper with new ideas tacked on, and it sometimes shows.
    But I started on Palm with SplashID. Not as browser compatible, but even more free form and better organization than Roboform. I use it to keep track of all my credit cards, the Insurance Paperwork, SS#, and anything else I want safetied. And all the important websites and software passwards are echoed in there.
    I have no brain, that's why I have computer programs. With back ups. Since it started on Palm, it works anywhere.

  20. Ben
    August 1, 2013 at 9:00 am

    What I need is a reliable password manager that lets me auto-login to my web accounts on my Android phone. I have tried lots of password managers, and I have as yet not been able to find the "perfect" one. I have for a long time used KeePassDroid, which would be "perfect" for my needs if it could autofill-in user names and passwords.

  21. Craig Snyder
    August 1, 2013 at 8:28 am

    The brain cannot be hacked!

  22. Darren Reynolds
    August 1, 2013 at 7:52 am

    Passpack for me

  23. Numair Ahmed
    August 1, 2013 at 5:35 am

    I have used all of the above. My personal favourite is Safewallet.

  24. Chandra
    August 1, 2013 at 4:47 am

    No tool is more safer than using your brain. I use an algorithm based pwd management. I fix a certain password with a combination of letters and numbers.. and change certain positions only with the initials of the software/ tool/ website that I am using.. for e.g. xxgxnngnxxg for google and xxyxnnynxxy for yahoo and xxoxnnonxxo for outlook. If I ever need to change password for these tools/ sites then they would contain the second letter: xxoxnnonxxo for google and xxaxnnanxxa for yahoo and xxuxnnunxxu. for outlook.

    You only need to have a 'fixed' password with letters and numbers in certain positions and remember it. This is the I recycle and manage my passwords.

  25. Ali K
    August 1, 2013 at 4:06 am

    I am using lastpass from almost a year, i think right now it has login information of more then 100 websites. All password were generated through lastpass generate password manager. Its the best option in my opinion. (:

  26. Mian S
    August 1, 2013 at 3:55 am

    I have been using LastPass since 2 years. It is really awesome!

  27. Ignacio C
    August 1, 2013 at 3:05 am

    Roboform is an excellent password manager that predates Lastpass. It has *a lot* of features, including password generator, ability to fill out forms in "local" forms (I use it to keep my .zip file passwords together, for example, and when needed a pop up window will fill the corresponding password), etc.

  28. Sam
    August 1, 2013 at 3:03 am

    PassPack

  29. Sam
    August 1, 2013 at 3:03 am

    Passpack is another choice.

  30. Michael C
    August 1, 2013 at 2:05 am

    I prefer using Dashlane.

  31. Mark
    August 1, 2013 at 1:03 am

    If you use Chrome and Keepass and want Chrome to pull the passwords from Keepass automatically you can install the KeePassHTTP plugin into Keepass, and the chromeIPass plugin for Chrome.

    The KeePassHTTP plugin .plgx file can be found here

    https://github.com/pfn/keepasshttp/blob/master/KeePassHttp.plgx

  32. Mac W
    July 31, 2013 at 11:50 pm

    1Password as My brain is full of other thing, my hands are not big enough for all passwords, I always forget where I put notes with passwords and I'm too lazy for the algoritm technique

  33. Guy P
    July 31, 2013 at 11:35 pm

    Any thoughts on Dashlane?

  34. Gary
    July 31, 2013 at 10:31 pm

    Password Safe.....

Leave a Reply

Your email address will not be published. Required fields are marked *