How many times did you try to log in to an online account only for your brain to go blank when you needed to fill out the password? An average person in 2020 had 100 passwords, according to a study done by a password manager company NordPass so it's no wonder why we keep forgetting our passwords op why people use weak passwords or repeat them.
Still, passwords remain one of the most important barriers between you and a data breach, so making sure that all online accounts are protected with complex passwords is important.
Of course, the problem then is remembering all your passwords, but this is where a good password manager comes in, so let's take a look at the pros and cons of password managers and why you should consider using them.
Important Password Hygiene Rules That You Should Follow
Taking care of your passwords is important if you want to protect your sensitive data.
What is sensitive data?
Sensitive data is any data that contains confidential information and that you want to keep out of reach from anyone unauthorized to access it.
There are three levels of sensitivity that data can be classified in:
- Low sensitive data, which includes data that creates no risk to its owner if it is exposed. Examples of this type of sensitive data include data that is already public domain or has been published with the owner's permission.
- Moderately sensitive data includes data whose exposure would lead to some minimal damage to the parties. An example of such data would include traveling documents, IT service info, intellectual property, student records, etc.
- Highly sensitive data. This is the data whose reach would lead to significant financial and other damage for an individual or an organization. It includes personal health information (PHI), social security number (SSN), and other information that must be kept private.
So how do you ensure proper password hygiene?
Here are some password hygiene rules you should follow:
- Use complex passwords
What is a complex password?
A complex password contains at least 12 characters, including uppercase and lowercase letters, numbers, and special symbols.
For example, 12345678 or qwerty are NOT complex passwords by something like #uX%OCv*%XZh is.
- Never repeat passwords
Many people use the same password on multiple online accounts because they can't remember all the passwords they have.
However, reused passwords only make the job easier for potential hackers, who now have access to not just one, but several of your online accounts.
- Update your passwords
Even if you created a really strong and complex password, with enough time every online password can be breached.
Because of this, it's important to change all your passwords regularly, such as every 90 days or so to protect your online accounts from hackers.
Why you should be changing passwords regularly?
- It's easier to brute-force a password that you've been using for years than the one you've just made. This is because changing passwords will make the job for a keystroke logger program much harder
- If a hacker already got your password they now have access to your online account. Changing the password immediately is a must
- When changing or losing your devices, your passwords are probably saved on them for easy access. Now someone else has that access so you should change your passwords
Should You Use a Password Manager to Manage All Your Passwords?
Of course, managing all your passwords singlehandedly takes a lot of time and effort and the margin for error is very low.
This is where a password manager can make your life easier.
A password manager is simply an online service or a program that you can use to store all your passwords, generate secure passwords, access and manage passwords from a password vault.
This way, you don't have to remember dozens of passwords, but just one master password.
So what are the pros and cons of password managers?
- You only need to remember one password
One of the biggest problems when it comes to password management is remembering all those different passwords. With a password manager, you only need to remember its master password which will give you access to your password vault and from there you can access all your user accounts
- You can generate strong passwords easily
Creating a really strong password that you won't forget the next moment is a tough task. Luckily, with a password manager, you can simply generate passwords with a click and copy/paste it wherever you need it
- Password managers make logging into your online accounts easier
Since most password managers now have an auto-fill option that allows you to insert the username and the password based on the URL from the page, this makes the process of logging in to your online accounts much easier and faster
- Works across different devices
Most password managers work across multiple devices, so if you have a laptop, a smartphone, tablet, and some other device your passwords will be updated across all of them as long as you have the password managers on them
- It creates a single point of failure
While it's easier to remember one master password instead of several, this still poses a risk that, if someone finds out your master password, they can now access all your accounts.
The bad news is that online password managers are not immune to security vulnerabilities. For instance, LastPass suffered a hack in 2015.
The good news is that most password managers now use zero-knowledge protection, so even if someone hacks the password manager, your passwords will be in encrypted form and unusable to the hacker.
Read this article to learn what is password encryption and how does it work.
- There's a learning curve
Setting up and using a password manager comes with a learning curve. And while most password managers greatly simplify this process, you might still run into some trouble when trying to import passwords or access your online accounts from different devices
- It may not support your browser
Most password managers support popular web browsers such as Google Chrome, Microsoft Edge, Safari, and Mozilla Firefox. But if you're using a specific privacy browser, the password manager might not work for you
Don't Rely 100% on Password Managers to Keep You Safe
Password managers naturally have their advantages and disadvantages and are one of the best privacy tools you can use to secure your data. It is certainly more convenient to have to only remember a master password instead of dozens of passwords and you can also use it to generate complex passwords and save them.
The problem, however, lies in trusting a 3rd-party service and single-sign-on with your online security. If someone hacks one of your passwords they will only have access to one online account, but if they hack your master password, they'll have access to ALL your online accounts.
While it's a good idea to use password managers, and we do recommend it, don't trust them completely. Instead, use them to manage your social media accounts and regular websites you're signed on, but for stuff like your email accounts and financial accounts memorize your passwords or write them down.
Finally, you should also make sure to use two factor authentication (2FA) wherever you have that option. This will add an extra layer of protection to your important accounts, in addition to the password.
Looking for a private email service? Check out Liverado.