Pinterest Stumbleupon Whatsapp
Ads by Google

When it comes to making your digital life more secure, it’s tough to beat a password manager How Password Managers Keep Your Passwords Safe How Password Managers Keep Your Passwords Safe Passwords that are hard to crack are also hard to remember. Want to be safe? You need a password manager. Here's how they work and how they keep you safe. Read More : they make it so you only have to remember one master password, instead of individual ones for the dozens (if not hundreds) of sites you’re a member of. They also tell you if you have strong passwords, let you get your login information on your phone, and all sorts of other conveniences. But there are a number of things you can do to negate the benefits of password managers, and you’re probably doing at least a couple of them.

In fact, these mistakes can make your password manager a downright risky app to use. And some of them are really easy to make. Let’s take a look at what you might be doing wrong and how it affects your security.

Staying Logged In

This is certainly one of the most common mistakes; if your password manager is logged in when you open your computer or your browser after closing it, you’re opening yourself up to some risk. If someone grabs your laptop off of a table while you’re getting coffee, or manages to steal the password to unlock your machine, they’ll have instant access to all of your passwords and any other valuable information you’ve stored in your password manager.

While it’s not likely that someone will have physical access to your computer, is it worth the risk of giving them access to every account you have saved in your manager? That probably includes email (though that should be protected by two-factor authentication), banking, social networking, and every other site that you log into. That’s a pretty big risk, even if the chances are low.

log-out-idle

To mitigate this risk, you should make sure that your password manager automatically logs you out when you close your browser, when your computer goes to sleep, or after a certain period of time (one to two hours is probably a good place to start). If you want to be extra secure, you could see if there’s a setting that requires your master password every time you fill in login information. This might be a bit unwieldy, but it’s definitely very secure.

Ads by Google

Weak Master Password

Although your password manager will generate and remember strong passwords for all of your sites, you still need a good password that unlocks the manager. Choosing “password” or “123456” (these are the two most popular passwords 7 Password Mistakes That Will Likely Get You Hacked 7 Password Mistakes That Will Likely Get You Hacked The worst passwords of 2015 have been released, and they're quite worrying. But they show that it's absolutely critical to strengthen your weak passwords, with just a few simple tweaks. Read More ; seriously) as your master password means someone might be able to guess their way into your account, and that’s bad. Yes, you want to make sure you don’t forget your master password, but if you make it really simple, you’re compromising your security.

Instead, use some of the tips we’ve provided in the past about creating strong passwords How To Create A Good Password That You Will Not Forget How To Create A Good Password That You Will Not Forget Read More . For instance, use a passphrase Why Passphrases Are Still Better than Passwords & Fingerprints Why Passphrases Are Still Better than Passwords & Fingerprints Remember when passwords didn't have to be complicated? When PINs were easy to remember? Those days are gone, and cybercrime risks mean fingerprint scanners are next to useless. It's time to start using passcodes... Read More instead of a password to make it really hard to guess or brute-force. Grab one of your favorite books 7 Ways To Make Up Passwords That Are Both Secure & Memorable 7 Ways To Make Up Passwords That Are Both Secure & Memorable Having a different password for each service is a must in today's online world, but there's a terrible weakness to randomly generated passwords: it's impossible to remember them all. But how can you possibly remember... Read More to make up a secure password. There are all sorts of methods you can use. Just make sure that you use one and get a secure password! And then check it with an online password strength tester like How Secure Is My Password?

Not Using Two-Factor Authentication

We’ve written a lot about two-factor authentication What Is Two-Factor Authentication, And Why You Should Use It What Is Two-Factor Authentication, And Why You Should Use It Two-factor authentication (2FA) is a security method that requires two different ways of proving your identity. It is commonly used in everyday life. For example paying with a credit card not only requires the card,... Read More (2FA), because it’s one of the best things you can do to secure any account. You should do it with as many accounts as possible Lock Down These Services Now With Two-Factor Authentication Lock Down These Services Now With Two-Factor Authentication Two-factor authentication is the smart way to protect your online accounts. Let's take a look at few of the services you can lock-down with better security. Read More ; email, cloud storage, financial sites, and anything else that allows it. Fortunately, more and more services are offering 2FA, including password managers. Adding an extra layer of security to your password manager sounds like a hassle, and it is, but only a little bit. And if someone gets access to your computer and has managed to steal your password, this will keep them out of your accounts.

lastpass-2fa

If you don’t have 2FA set up for your password manager, you should do it immediately — it’s a big step toward security.

Reusing Passwords

Humans are creatures of habit Points For Everything: How I Tried to Win At Life With Gamification Points For Everything: How I Tried to Win At Life With Gamification My brain is stupid. It thinks I can get done tomorrow what I need to do today, and that I can do this afternoon what I need to do this morning. It puts everything off.... Read More ; we tend to do the same things over and over. Which often includes choosing a specific password multiple times. Even when using a password manager. This doesn’t completely nullify the benefits of a password manager, but it does come close. If someone gets a hold of one of your passwords, they may very well try that password on your other accounts, and if you’ve reused a password, they could gain access.

lastpass-generator

Of course, there’s a very easy solution to this problem: use the password generator included with your manager. You don’t have to go through the process of thinking up a new password every time you create a new account; just let the password manager do it for you. Then save it, and you’ll never have to worry about it again. And if someone gets a hold of one of your passwords, they can try it on all the other accounts they like, but it won’t do them any good.

Choosing Weak Passwords

Because we tend to repeat the same mistakes, even people who use password managers might not take full advantage of them. We’ve said it over and over before, but it’s worth repeating: choose strong passwords. Even if you’re using a password manager, you need to have guess-proof passwords. It’s especially easy to keep your weak passwords Test Your Password Strength with the Same Tool Hackers Use Test Your Password Strength with the Same Tool Hackers Use Is your password secure? Tools that assess your password strength have poor accuracy, meaning that the only way to really test your passwords is to try to break them. Let's look at how. Read More right when you start using a password manager for the first time, but take the time to change them (some managers even have an auto-change feature that let you change them with a single click).

Not Taking Advantage of Extra Features

Most password managers have some cool features that you can take advantage of to improve your security. And while not using them won’t necessarily make you less secure, you can definitely be more secure with them. For example, LastPass has a feature called Security Challenge that looks at all of your passwords and gives you a score. That score is based on the strength of your passwords, how long it’s been since you’ve changed them, and whether any sites that you have passwords saved for have had password breaches in the past.

lastpass-security-challenge

Check out your password manager to see what capabilities you could be taking advantage of to further secure your digital life. You might be missing out on some really useful stuff!

Do You Make These Mistakes?

Not many people probably have perfect habits when it comes to password managers, and it’s pretty unreasonable to expect that everyone will adopt all of the security recommendations above.

But even if you start using one or two of them, your passwords — and therefore your digital accounts — will be much more secure, and that’s good for everyone (except cyber criminals). Take a few minutes to think about how secure your password manager really is, and then take some steps to improve it.

How many of the bad habits above do you practice? (I’ll admit to at least two of them.) Do you ever worry about how secure your password manager is? And will you change your ways now that you know how to make it more secure? Share your thoughts in the comments below!

  1. Ted
    July 21, 2016 at 8:25 pm

    #7 Using LastPass - Don't store your passwords online. Use KeePass or another program that allows you to store the password file where you can protect it. Having thousands of customer password files with a company is too tempting for bad people.

    • Dann Albright
      July 25, 2016 at 8:04 pm

      That is a potential drawback, but as far as I'm aware, LastPass hasn't had any major breaches. I believe they lost the hashes of some passwords once, but they have to know that if they suffered a breach, they'd be done, so I'm sure they've invested in absolutely top-notch security. Obviously that only goes so far, but it seems to have done the job well. Also, having them online is really useful for people who move between computers.

Leave a Reply

Your email address will not be published. Required fields are marked *