1. Passwords are hard but essential
As I’ve written before, passwords truly are your first line of defense. No matter what service you’re using, the security is only as good as the password.
But making a strong, random password is complicated. Mind you, it’s not impossible. But unless you’re a cryptology masochist who finds it fun (like me), then password managers can take a lot of the pain out of the process.
Their core feature is the generation of new passwords for your use — passwords far stronger than any you could ever come up with.
2. Each password should be unique
Coming up with a strong, random password is nice, but it’s pointless if it isn’t unique. That last bit is often overlooked.
Like I was saying: a site’s security is only as good as the password you use. But that means a website’s security could conceivably be worse than your password.
If you’re using the same uber-strong password everywhere, then those sites and services with poor security could potentially compromise you on the ones that actually take security seriously.
When one gets hacked, they all get hacked. Like dominoes — except each falling tile is a piece of your life some faceless hacker is knocking down.
If you use the same password for multiple accounts – when one gets hacked, they all get hacked. And fall like dominoes.
3. You have way more accounts than you can handle
If all you had to do was remember two or three strong passwords, maybe you could get away with it. It would be hard, but muscle memory would take over at some point.
But conservative estimates say the average internet user has 26 distinct online accounts. Even if you could create unique passwords for each, you’d never be able to remember them all. One study found that people had on average 37 password reset emails lying around their inbox. That’s 37 times someone forgot their password and had to start the dance of creating a new one all over again.
4. A password manager means only one password
Password managers are a great double-whammy: not only do they drastically increase your security, but they also simplify your life.
A good password manager:
Creates strong, unique passwords for all your accounts
Remembers them for you, and enters them automatically so you don’t have to
Keeps them all under lock & key with some form of encryption
Only requires you to remember a single password
That master password is all you need to remember. The password manager takes care of the rest.
That master password is your key: it’s the only password you need to remember. No more trying to remember whether you ended the word with a capital E or a 3, where the @ and $ fit in, and resetting passwords. You’ll use it to tell the password manager “Go forth and apply the right login and password for this site.”
5. Many of them are free
If money’s a deal breaker for you, then take heart: there’s a lot of competition out there, and many password managers offer their services for free.
Some, like Dashlane or Lastpass, offer free password management for one device, with a paid option that syncs your passwords across all your devices.
Others, like Keypass, are totally open source and free. That means that entire communities of developers are working together to improve the code, and you can general choose the features you want the manager to have.
Though paid services don’t necessarily offer better security, most have other advantages. For instance, they almost always offer alerts when major breaches occur, warning their users to change their passwords if a website has been compromised.
No, password managers are not perfect
As useful as they are, password managers are not the cure to all your online security problems.
For one, they aren’t invulnerable: some of them have been breached in the past. The cloud storage and synching options some offer can backfire in those cases.
Perhaps more important, a weak master password will leave all of your passwords vulnerable. So it’s essential to make the master password as strong as it can be. Remember: that’s the only one you need now, so make it count.
Password managers also can’t do much about malware on your device. If a keylogger is spying on you, it could record your passwords as you enter them. So it pays to pair a password manager with a good antivirus software.
Finally, while using a password manager is a great addition to your security, it’s still just a password, a single method of authenticating your identity. Two-factor authentication adds a second method so that even if your password is breached, it still won’t be enough for your account to be hacked.
The best password managers offer some form of two-factor authentication, but there are also standalone options; and major services like Google, Apple, and Facebook all offer it for their services.
But they’re still worth it
Bottom line: There’s no such thing as perfect security. Despite their failings, using a password manager still puts you miles ahead in terms of security, making it that much less likely you’ll fall victim to a hack.
Passwords aren’t going away anytime soon. But password managers can make living with them bearable.
What’s not to like about that?