Password Management

If you do any amount of business online or through mobile apps, you’re familiar with password protection. It can be pesky, but passwords are part of life, and they’re absolutely critical for keeping your private information secure.

Every time you register for a username and password on a website, cybercriminals have another opportunity to steal your information and your money.

A first rule of passwords is to have a different one for each service or account so that if one of them is compromised it doesn’t risk compromising all accounts – especially sensitive sites such as online banking. 

A second rule is to make passwords as complex as possible. Simple passwords like your company name or birthdate pose a huge risk because those details are too easy for a cybercriminal to guess or exploit. We talk more about how to create complex passwords in this article.

And the third? Keep the passwords secure so that no one else has access–and change them at least every 90 days.

That’s a tall order. The “old” way of keeping track on a post-it note or a document on your computer was never really secure.

Our advice for managing and remembering all those complex passwords is this:

  • Don’t use the password storage that internet browsers like Chrome and Firefox offer. A lot of malware exists to compromise those.
  • Apple's Keychain works fairly well as a password manager if you use only Apple devices that belong to you and have a very complex password that you can remember protecting those devices. (But if your computer is compromised, then your keychain could also be compromised.) 
  • If you use a password “vault,” or manager, choose one that secures your data, both on your machine and in the cloud, with strong encryption (such as AES256).

If you choose a password manager, use it to generate complex passwords any time you need a new one. They’re stronger and more diverse.

Use a password manager with two-factor authentication. This is means it will send a signal or code to another device you own to verify it’s really you.

Choose a password manager that can’t recover your master password for you. If a criminal gets access to the password you use for your password manager, you’re really in trouble. Choose one that instead asks multiple security questions to verify your identity and then allows you to reset your master password.

Other considerations when selecting a password manager include:

  • Pricing for families and unlimited syncing across all devices
  • Integration with both Mac and Windows devices, along with Apple and Android
  • Browser extensions for your most-used internet browsers
  • Secure password sharing that’s encrypted for protection
  • A bulk password changer that changes all of your passwords at once when you initiate it
  • Option to add monitoring of the internet for unauthorized use of your personal data

Here are a couple of options to consider, though you should certainly shop around to find the right fit for your needs:

https://1password.com/

https://www.lastpass.com/

Quick Links