Choosing some sort of password management strategy to deal with the huge number of passwords we need is crucial. If you’re like most people, you probably store your passwords in your brain. To remember them all, you have to cut corners — choosing weak, easy-to-remember passwords and reusing them for multiple accounts. But there are better ways — a good password management tool will allow you to use secure passwords without devoting lots of time to memorization.
We’ll cover a variety of different password management tools here, from the high-tech to the traditional. It’s important that you sit down and figure out some sort of password strategy. If you’re not using strong, unique passwords, you are vulnerable.
The human brain is the original password management tool. In a world where people only needed a handful of passwords at most, this worked just fine. These days, using only your brain to manage your passwords has become almost impossible. If you use passwords properly, you should use complicated, secure passwords — and use a completely unique password everywhere.
Because this is so difficult, people turn to shortcuts like reusing the same password everywhere. With all the password leaks occurring, this is a very dangerous security practice. An intrusion at one website could result in your accounts everywhere becoming compromised.
This method is perfect for: People who somehow only need a handful of passwords and people with photographic memories.
Firefox or Another Browser’s Password Manager
Managing your passwords with just your brain is too difficult, so where does that lead us? Well, you can have your computer store your passwords for you. Sure, there’s some risk involved — but it’s much more risky to use the same password everywhere. If you have your computer manage your passwords for you, you can use strong, complicated, and unique passwords everywhere — you don’t have to remember them, so they can be quite complicated and long.
The most obvious password management solution is the one in your browser. Your browser offers to remember passwords when you enter them. It will store these on your hard drive and offer to fill them in automatically the next time you visit the website.
Firefox has the best built-in password manager. Its master password feature allows you to protect your stored passwords with a strong master password — this is the one you’ll have to remember. Your passwords are then stored on your hard drive in an encrypted form, so no one can snoop on them without your master password. Firefox can also sync these passwords in encrypted form with Firefox Sync, so you’ll always have a backup copy and you can use them in the Firefox browser for Android. Unfortunately, Firefox is only available for Android mobile devices, so you won’t be able to access your passwords from an iPhone or iPad.
We don’t recommend using the password manager built into Chrome or Internet Explorer because these browsers can’t properly protect your passwords — they store them on your computer in an unencrypted, easily accessible form.
This method is perfect for: Firefox fans who don’t want to use a separate password manager and have an Android phone.
LastPass – Cloud-based Password Management
Password managers included with browsers aren’t amazing. Firefox’s is the best, but it has some major limitations — it can’t automatically generate a strong password for you, it’s unavailable for iPhone and iPad, and it doesn’t have a great interface for organizing and managing your passwords.
LastPass provides browser extensions and mobile apps for all popular browsers and platforms. It stores your passwords in encrypted form on LastPass’s servers — you need your master password to decrypt the passwords on your computer. It syncs and is available anywhere, whether you’re using Chrome, Safari, Firefox, Internet Explorer, Windows, Mac, Linux, Android, iOS, Windows 8, or any other browser or platform. It can automatically generate secure passwords for you and inform you when you’re using weak or compromised ones.
We strongly recommend LastPass as one of the best password managers you can get. The base version of LastPass is free. If you want access via mobile apps, you’ll have to get LastPass Premium — only $12 per year.
This method is perfect for: People who want a do-everything app to generate their passwords, securely store them, and make them accessible everywhere. A good password manager can take a load off your mind.
KeePass – Local Password Management
LastPass stores your encrypted password vault in the cloud, which is convenient — but it may also be unsettling for some users. Some people may prefer to keep their passwords stored on their local computers, but want a more advanced, secure tool than the password managers built into web browsers.
KeePass is a free, open-source desktop app. It runs locally on your computer and doesn’t sync with anything. If you want to back up your KeePass passwords or make them available on your phone or other PCs, you’ll have to move your password database file around manually. It’s a powerful, secure application, but it’s more complicated to use than other password managers — especially because it doesn’t provide browser integration or syncing by default.
This method is perfect for: Geeks who want full control over their own password database and don’t mind using a more complicated tool.
Writing Down Passwords
Instead of relying on your brain or a piece of software, you may want to write the passwords down in a notebook. This way, you’ll be able to use unique, complicated passwords everywhere without forgetting them. You also won’t have to worry about your password database being compromised.
If you do go this route, you should only write down passwords that aren’t very important. Passwords to unimportant websites are fine, but you shouldn’t write down the passwords to your primary email account (which could be used to reset your other passwords), online banking, or other important accounts. You should also store the notebook somewhere safe — don’t just throw it in your backpack or purse and take it with you everywhere. You’ll also lose your passwords if you misplace the notebook or it is stolen.
All in all, a notebook might be a great way to remember your Netflix password, but it’s not a secure way to manage every password. You’re better off with a proper password manager.
This method is perfect for: Passwords that aren’t very important.
If you do want to use only your brain, here’s a trick for you: Come up with some sort of base password and an algorithm to tweak it for each individual website.
For example, your base password could be fd#97sdX^Sik35. For Google.com, you could take the base password and turn it into gfd#97sdX^Sik356, because Google.com starts with a g and the domain name contains 6 letters. This is better than using the same password everywhere and still allows you to manage your passwords with only your brain and no third-party tools. However, this is just an example — ideally you’d modify the password more so it wouldn’t be so similar everywhere.
There are password generators that generate website-specific passwords based on a master password. These function similarly, essentially implementing the algorithm as software.
This method is perfect for: People who want to do it all in their own head.
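The base-password trick and its software counterpart, as an added example that is not part of the original article: `mental_tweak` reproduces the Google.com example above, while `derived_password` goes one step further and stretches a master password with PBKDF2, salted per site. The function names, the output alphabet, the salt prefix and the iteration count are assumptions of this sketch.

```python
import difflib
import hashlib

# Output alphabet for derived passwords (an assumption of this example).
ALPHABET = ("abcdefghijklmnopqrstuvwxyz"
            "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
            "0123456789!#$%^&*")

def site_label(domain: str) -> str:
    """'Google.com' -> 'google'. Simplified: only a leading 'www.' is stripped."""
    host = domain.strip().lower()
    if host.startswith("www."):
        host = host[4:]
    label = host.split(".")[0]
    if not label:
        raise ValueError("domain has no name part")
    return label

def mental_tweak(base: str, domain: str) -> str:
    """The article's scheme: first letter + base password + letter count."""
    label = site_label(domain)
    return f"{label[0]}{base}{len(label)}"

def derived_password(master: str, domain: str, length: int = 20) -> str:
    """Software variant: PBKDF2 over the master password, salted per site."""
    if not master or not 8 <= length <= 40:
        raise ValueError("need a master password and a length of 8 to 40")
    salt = b"example-site-salt:" + site_label(domain).encode("utf-8")
    key = hashlib.pbkdf2_hmac("sha512", master.encode("utf-8"), salt, 210_000)
    n = int.from_bytes(key, "big")  # 512 bits, so the modulo bias is negligible
    chars = []
    for _ in range(length):
        n, idx = divmod(n, len(ALPHABET))
        chars.append(ALPHABET[idx])
    return "".join(chars)

def similarity(a: str, b: str) -> float:
    """0.0 to 1.0: how much of one password is visible in another."""
    return difflib.SequenceMatcher(None, a, b).ratio()

if __name__ == "__main__":
    base = "fd#97sdX^Sik35"  # the article's sample base password
    for scheme in (mental_tweak, derived_password):
        a, b = scheme(base, "Google.com"), scheme(base, "example.org")
        print(f"{scheme.__name__}: {a}  {b}  similarity={similarity(a, b):.2f}")
```

With the mental scheme, one leaked site password exposes almost the entire base; with the derived scheme the site passwords share no visible structure, but everything still depends on the master password being strong, since a leaked derived password can be used to test guesses at it.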
Methods You Shouldn’t Use
Whatever you do, there are methods you shouldn’t use. These tricks are sadly quite common.
- Using Weak Passwords: Yes, “password” or “letmein” are easy to remember, but you shouldn’t use them because they’re very easy to guess. We’re not joking about this either — these are some of the most common passwords found in leaked password databases, along with other obvious passwords like “123456.” You should choose a longer, less obvious password with a variety of different types of characters.
- Reusing the Same Password Everywhere: So you’ve thought up a complicated, secure password — great. But you shouldn’t use this password everywhere. After one leak, your password can be paired with your email address to access many of your other accounts. Attackers can even use it to access your email inbox if you used the same password for your email. Password leaks are one of the greatest password-related threats we face, so using unique passwords is extremely important.
These methods are perfect for: People who want their accounts compromised.
Which Solution Is Right For You?
So how should you manage your passwords? If you’re unsure, we recommend you try LastPass — it’s easy to use and works everywhere. But it’s not the only good option, which is why we’ve given you so many other ideas above. For more information, be sure to read our password management guide.
How do you keep track of all your passwords? Leave a comment and let us know!