Passwords protect every account, from email, to banking, social media, and more. It's thus vital to do everything you can to make sure you use strong passwords that don't fall into the wrong hands.
We've looked before at the importance of password security and mentioned that everyone should use a password manager. Today we're going to look more closely at password managers, including how they work, the security they offer, and how to start using one.
What Is a Password Manager?
A password manager, such as 1Password, is a service that allows to you to generate and securely store strong passwords and retrieve them on-demand. Password managers have a few vital aspects:
- They securely store all your passwords for you. Keeping passwords on a piece of paper or stored in a text file on your computer are both insecure methods. Password managers encrypt your passwords so only you can read them.
- A master password protects all your other passwords. Your password manager only requires you to remember one password to log into your account and access everything else. Of course, this means that it's vital to keep this password safe.
- Password generation lets you create complex passwords effortlessly. Storing weak passwords in a password manager isn't of much use. Instead, password managers feature password generation tools to make a strong password for you. It then remembers these so you don't have to.
In essence, a password manager lets you create a strong, unique password for each website that you don't have to remember. By locking them all behind one master password, you won't have to juggle dozens of passwords in your head.
Benefits of Using a Password Manager
In case this doesn't sound important to you, it's important to note that using a password manager solves almost every common password problem people have. These include:
- Using the same password on every website: If someone gets a hold of one password, they're going to try it on other accounts you use. This will lead to big trouble if you use the same password on every site. But with a password manager, they're limited to cracking just one account since you use a unique password everywhere.
- Using weak passwords: It's tempting to use weak passwords that are short, easily guessable, or otherwise poor passwords that are easily stolen. With a password manager, you can make your passwords as complex as you like---because you don't have to remember them.
- Sharing passwords insecurely: If you need to share a password with a loved one or colleague, sending it over email or other insecure methods is a big security risk. Password managers combat this by offering secure methods of sharing your passwords.
Aside from these basics, password managers offer more great features. We'll look at some of them in a moment.
Teams and Business Plans, Too
While you can use password managers like 1Password on your own, they also have powerful plans for multiple users. The Families plan provides access for up to five people to securely share information and recover accounts if needed.
For business use, the Teams and Business plans provide enterprise-level tools to make 1Password even better. Both offer tools for admins to manage permissions for their various users. With the Business plan, you get fine-grained control over various vaults and activity logs to see exactly who is doing what.
How Do I Start Using a Password Manager?
Getting started with a password manager is easy, but setting it up properly can take a bit of work. However, it's well worth it.
Your first order of business is choosing what password manager app to use. There are plenty of great choices, but we like 1Password. It's an all-around great option that offers an attractive user interface, a few standout features, and solid security.
The only downside is that it's not free. After a 30-day free trial, 1Password costs $3 per month. This is well worth it for the benefits it provides, but if you can't pay, LastPass is a great free option. It's not as slick as 1Password and lacks a few of the cool features, but it's definitely worth a look.
When you sign up for a password manager, you'll need to create an account as you'd expect. This is fairly standard, except for when creating your master password. Because this password is the key to all your other passwords, it is vital that you make it both strong and memorable.
If someone cracked your master password, they would have access to everything in your password manager. On the flipside, if you forget your master password, the company can't help you recover it. Check out 1Password's tips on creating a strong master password (LastPass has some tips too) if you need some ideas.
First: Download Extensions and Apps
Before you move on, you'll need to download the browser extensions and mobile apps for your password manager. This is the primary way you'll interact with your password manager, including password generation and autofill.
Your password manager's site will have a page to download the apps. You should download both the browser add-on for your primary browser (Chrome, Firefox, Safari, etc.) and the app for Android or iPhone. If offered, you can also install the desktop app.
Adding Information to Your Password Manager
Once you've got the extensions and apps on your devices, you'll find that your password manager is empty and doesn't do much yet. You'll need to get started by adding all your passwords into it.
However, if you're using weak passwords, there's not much use storing those. If you store passwords in your browser already, you can import them into your password manager, but this isn't worth doing if you use weak passwords. You're better off updating all your passwords and keeping those stored. This is the part that takes some time, but it's vital.
This will vary by site, so we'll illustrate with an example.
Generating Secure Passwords
Say you want to change your Google account password. First, head to Google and click your account photo in the upper-right. Click Google Account to open settings related to your account, then choose Security. You'll see a Password field that allows you to change it after confirming your current password.
This is where you let your password manager take over. Click on the 1Password extension icon in your browser toolbar and choose the Password Generator tool. Select whether to create a password based on characters or words, how long it should be, and whether to include digits and symbols.
If you keep Allow ambiguous characters unchecked, the password generator will avoid using characters that are easy to mix up, such as a capital O and the number 0.
Once you're done, click Copy and paste the password into the new password field on the website. When you click Change, 1Password will detect the change and ask if you want to update your password. Confirm this, and it will save to your vault.
Adding More Sites and Notes
You'll need to repeat these steps for every site you want to add to your password manager. If you already use a strong password for a site, you don't necessarily need to change it. Click your password manager's extension icon to open your vault, and you can add a site manually.
By visiting your vault, you can also add secure notes. These allow you to store information like your driver's license, passport, or Wi-Fi network information securely.
Daily Password Manager Use
Once you've set up strong passwords for all your accounts, using your password manager is a breeze. Make sure you're logged into it via the browser extension, and simply click the 1Password icon to show sites that match the one you're on. Click the site and the extension will automatically fill your login info and log you in.
It's really that easy. You have peace of mind knowing that you're using a strong password, and don't have to remember the passwords. How great is that?
Password Managers on Android and iPhone
For a while, the biggest pain point of using a password manager was mobile use. You had to type your strong master password on a phone keyboard, then search for the site you wanted to log into and copy/paste the password into it. This was extremely clunky, but it's gotten much better as of late.
Now, password managers integrate with the fingerprint scanner on your phone (or Face ID on the iPhone X and newer) to let you log in quickly securely without typing your master password. The latest versions of Android and iOS also feature autofill features that password managers can use.
When you open an app and need to sign into it, you'll see an autofill prompt to use your password. If you have an iPhone, head to Settings > Passwords & Accounts > AutoFill Passwords. Here, turn on the Autofill option and select your password manager.
On Android, visit Settings in the app and look for a Filling or AutoFill option.
If you ever run into an issue, you can always manually copy and paste your password from your password manager's app or browser extension. And if you're using another computer, you can log into your vault on the website to access your passwords.
As long as you can log into your password manager in some way, you'll have access to your passwords.
Password Managers Have Even More Features
We've looked at the basics of getting set up with a password manager, but there's a lot more they can do. Most have an audit feature that allow you to scan all your sites for poor passwords so you can identify weak points.
1Password includes a neat Travel Mode that removes sensitive passwords from your device while traveling. It also requires a Secret Key stored on your trusted devices when you log in from a new computer or phone. This, paired with a strong master password, makes your account extremely hard to crack.
We can't recommend using a password manager enough. Taking the time to create complex and secure passwords for every website will drastically improve your security, and it's easier on you too. You'll never have to worry about remembering passwords again!