What sort of password person are you? Are your passwords all easy-to-remember variations of the same basic theme, so you don’t forget them? Or do you have many different passwords that you can’t remember, so you list them in a notebook or perhaps on sticky notes plastered around your computer?
Neither way of managing your passwords is good enough if you care about online safety.
If you want to be safe from potentially disastrous ID theft or hacking, you need a better way to manage your passwords—a solution that makes it simple for you to use your passwords but very difficult for cyberthieves to guess them, steal them or trick you into disclosing them.
Solution: Password manager software. This type of secure, easy-to-use software allows you to automatically fill in your log-in “credentials” (typically a user name and password) at any site so that you don’t have to remember them or look them up each time you visit the site.
How They Work
There currently are more than a dozen password-manager products to choose from. With each, you download the software from the password manager’s website to your computer and/or your mobile device such as a smartphone or tablet.
The software allows you to create the digital equivalent of a bank vault with your information heavily encrypted and stored in the cloud and/or on your hard drive. During the set-up process, the software automatically gathers all user names and passwords that you already have saved on your device and stores them in your vault…and, with some of the password managers, removes the information from your hard drive. It also captures and stores any additional user names, passwords and other personal information that you enter on various websites from then on.
You can set the password manager to always automatically activate itself…or you can activate it when you need it by clicking on a toolbar icon on your computer or an app on your smartphone and entering a single master password that you have previously created. Then, when you visit a password-protected website that you have logged into previously, the password manager automatically fills in your log-in information. It also can store and fill in other personal information such as your credit card numbers, mailing address and e-mail address, which is a more secure way to store that information than saving it on shopping sites, where it may be vulnerable to being stolen.
Are They Safe?
All communications between your device and the password manager—and the information stored by the password manager—are heavily encrypted using standards that the US military uses for some of its information encryption.
In addition, password managers evaluate all of your passwords to see how vulnerable each might be to hackers. Then they suggest more complex substitutes for passwords that are not safe enough and, with some password managers, for passwords used on too many sites. Because you no longer have to worry about remembering any of your passwords or typing them in, you can use complex ones that are extremely difficult to crack such as Sk$ltyF>z%OyQ4h^ijI.
Using a single master password to protect all of your other passwords may sound unwise because if someone gets hold of the master password, you’re completely vulnerable. However, for most people, it is easier to create, memorize and protect a single, complex password that you never write down or tell anyone about than it is to remember and keep track of numerous weak ones.
For a guide on how to create a strong password, go to TomsGuide.com.
Of course, a password manager can’t protect information that you have stored with Google, Yahoo, Home Depot, your bank, your credit card issuer or any other company if a hacker is able to break into the company’s user databases.
Best Password Managers
Password managers work with almost any computer, laptop, smartphone or tablet, and they support both the Windows and Mac operating systems on computers and the Android and Apple operating systems on mobile devices.
The three password managers below are among the best. The first two have a feature that allows you to automatically change weak or overused passwords on multiple sites to newly generated ones with the press of a button. Not every site allows third-party programs to do this, but even so, it can save a lot of time and help make your accounts more secure.
- Best for people looking for a free version: LastPass is the most popular password manager, with more than 7 million users in more than 100 countries. Although the premium version costs only $12 per year, most people will find the free version to be adequate. That’s because LastPass recently began allowing users to open a single account and use the free version on all devices. LastPass.com
- Best for people who want a very user-friendly program: Dashlane has 3 million users and offers the most intuitive interface and easiest-to-use software of all the password managers. Downside: Its premium version is more expensive than most competitors at $40 annually. The premium version enables you to sync passwords across multiple devices and also gives you priority access to customer service. Dashlane.com
- Best for people who don’t want to deal with remembering a password at all: True Key, offered by the technology giant Intel, lets you use facial recognition instead of a master password. It uses your webcam or smartphone camera to scan your face. Cost for premium version: $20 a year, which lets you save up to 2,000 passwords…the free version lets you save only 15. TrueKey.com