The following is an excerpt from a book I’m working on about cybersecurity. It’s a short passage on password managers, and what they do. You really should be using a password manager.
When I ask the question “Do you use a password manager?” the top response I get is “What is a password manager?” Don’t laugh or scoff. A very close friend with two advanced degrees asked me that very same question.
What is a password manager?
A password manager is a program which helps you manage your passwords. Pretty self-explanatory, right? Password managers generally accomplish three tasks.
- Encrypt and securely store your passwords
- Generate more secure pseudo-random passwords along certain rulesets
- Facilitate logging-in with browser plugins or other tools
Time and time again, even from those who know what a password manager is, I hear people admitting they don’t use a password manager. And truthfully, I was the same way. I didn’t switch over to a password manager until two years ago. I probably would have delayed further, but a coworker of mine effectively required I do so.
Prior to that, I had my own terrible system; I kept usernames and password hints in a Google Docs spreadsheet. They were separated into different tables, with each password having a number and a hint. The only place they were stored was in my brain. That wasn’t an ideal or secure system for a lot of reasons.
You may have a system too. I’m sure your system has a host of security problems. Mine sure did. A password manager is the best system we know. Any blog post about security, online privacy guide, or security stickler will tell you to use a password manager. Here’s what they won’t tell you: moving over to a password manager REALLY SUCKS. (More on that in a future post!)