How To Never Forget a Password Again
By David Weedmark
Updated August 01, 2017
It seems like every time you turn around there is a new data breach with experts warning everyone to change their passwords. This means not just changing your password once for every website and online service you use, it usually means changing it on your home computer, your work computer, your smartphone, and your tablet if you own one.
When it comes to online security, one of the best things you can do today is to use a password manager. Not will you never need to memorize dozens of passwords, you don’t even need to know what they are. A good password manager creates passwords for you, fills them in and remembers them across multiple devices.
The Myth of Strong Passwords
A few years ago, a combination of lowercase and uppercase letters and a number or two were all you needed to create a strong password, provided you didn’t use a name or a word found in the dictionary. That just isn’t true anymore. Today’s password cracking programs can hack most eight-digit passwords in a minute or less. If you use something clever – and common – like, paSSword, or trustno1, it can be cracked in milliseconds.
What Makes a Strong Password
The most important aspect of a strong password today is its length, regardless of what characters you use. A password like mulberrystreet, which contains 13 letters is much stronger than even a complex password like 9L*rtPq1. The first would take over 50 years to crack – according to the website How Secure Is My Password? – while the shorter password would take a few hours. A series of 20 random characters would take the same software about a billion years. If you used a password that was 22 characters long, every star in the galaxy would burn out and grow cold before a hacker’s computer could figure it out.
Using a Password Manager
A password manager is a small program you install on your computer and other web-accessible devices that stores passwords for every website you use. On your computer, it is usually a browser plugin, while on a tablet or smartphone, it’s a small app.
You need to remember only one password – the one that opens the password manager. When you go to a website, it fills in the username and password for you automatically. If you want to change your website password or create an account on a new website, it will generate one for you automatically, usually between 20 and 22 characters long. Your login information is kept encrypted and is updated between all of your devices automatically as soon as you connect to the internet. Some are free, while others require a small annual fee, while most offer a free version with payment required for advanced features.
Using the Cloud Vs. Local Storage
Before choosing a password manager, you should first decide whether or not you are comfortable with your passwords being stored in the cloud, or if you would prefer they be stored only on your devices. When companies refer to the cloud, of course, they mean their own servers. While the majority of password managers do keep this information encrypted, it is a matter of comfort and personal preference. Millennials, for example, are more trusting of cloud-based services, while older generations may prefer having their information stored on their own devices. KeePass, 1Password and SplashID offer local storage, while Dashlane and LastPass use encrypted cloud-based storage.
1Password is supported by Windows, Mac, iOS and Android. It stores passwords locally on your device and offers an optional cloud storage service. You also have the option os using DropBox or iCloud. If your devices are connected on your home network, it can synchronize passwords using Wi-Fi. If you want to share passwords in your home or office, it gives you the option to share your password file on your local network too.
Another another password manager that gives you an option between storing passwords locally or online is Dashlane. It uses a two-step authentication process to register each of your devices, using your master password and an email confirmation. Its free service lets you use it on a single device, however you will need the premium service to synchronize all of your devices, or share more than five items, as well as get customer support.
Keepass is an open source software project, which means it is free to use, but also may require some technical know-how to use all of its features. For example, to syncrhonize your account across mutlipled devices, you need to install a plug-in. However, it also has plugins to do things like change the encryption algorithm it uses or to write your own automation scripts. It has an optional cloud backup option, otherwise it stores your passwords locally, which you can share across multiple devices using DropBox, Google Docs or Microsoft OneDrive. You can share your password file with multiple users, or manage different password files yourself – like one for home and one for the office.
LastPass is an extremely popular password manager that offers a free and a premium service. All passwords are stored encrypted in the cloud. It too supports Apple, Windows and Android operating systems. The free version includes synchronization between multiple devices, including its app on mobile devices and web browser plugins on Apple and Windows computers.
SplashID also gives you the option between local and cloud-based storage. It supports Apple, Windows and Android devices as well as BlackBerry. An account for a single device is free, while the ability to share or synchronize across multiple devices requires a modest monthly or annual fee. Like Keepass, you can share your password file with people at work or at home, however this costs an additional fee. One unique feature of SplashID is the ability to decide if you want a specific login to be cloud-based or local storage. For example, you can keep all of your less-important passwords in the cloud, but keep your banking and credit card login information only on your device if desired.
A published author and professional speaker, David Weedmark has advised businesses and governments on technology for more than 20 years. He has taught computer science at Algonquin College, has started three successful technology businesses, and has written hundreds of articles for newspapers, magazines and online publications on computers and other technology topics.