Warning: This is not sponsored content.
Recently, I managed to convince a friend to give a password manager a try. I notice that whenever I talk to people about it, there is always some level of resistance. Some people find it too complicated, others do not see the value in the change, and so on. My goal with this article is to convince you to at least give it a try.
The problem
We use several online services on a daily basis, for work or entertainment: Netflix, TikTok, Twitter, e-mail, banking, etc. It’s quite hard not to depend on them.
Because there are so many services, it’s quite common for people to recycle passwords. Many reuse their Google account password on other websites, such as social networks, streaming services and sometimes even banks, and that is a problem.
If one of your passwords gets leaked on the internet, you will be in a very vulnerable position. When a data leak occurs, it’s quite common for hackers to try the credentials leaked from less secure services on critical websites, such as Google and Apple. When we reuse passwords between services, the chance that accounts other than the leaked one are affected grows.
On top of that, even less critical services might have sensitive data. Every paid website might need billing information, such as phone number and address. That data can also be accessed by hackers when we don’t use a secure password.
Password managers
To better explain what they do, let’s imagine the following scenario: Carla uses the same password, created in 2012, for each and every account she creates: Abacate@2012 (“abacate” is avocado in Portuguese) is used everywhere. Twitter, Instagram, Facebook, bank… Everywhere.
When we use a password manager, the idea is to give Carla only one task: create a single strong password. In this example, let’s use Carla_Senh@forte#2020!.
The goal is for Carla to delegate the task of creating strong and unique passwords for everything to a single app, which stores the data in a safe and encrypted way. That changes the above scenario to something like this:
By doing so, we solve the main problem. If Spotify gets hacked, for example, Carla does not need to freak out, since that password is not used anywhere else.
How it can work safely
The user needs to create a strong password, containing upper and lower case letters, numbers, symbols and as many characters as they can memorize. Keep in mind that you cannot, under any circumstance, forget that password. If that happens, you will probably lose access to your data.
The password manager uses that password to encrypt everything. By doing so, if a leak happens, nothing can be read by a third party.
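A minimal sketch of that idea, added here as an illustration and not taken from any of the password managers this article mentions: a key is derived from the master password with scrypt and the vault is encrypted with AES-256-GCM, so a wrong master password simply fails to decrypt. The function names, the scrypt cost and the sample entry are assumptions made for the example.

```javascript
// Added illustration; not the code of any product named in this article.
const { scryptSync, randomBytes, createCipheriv, createDecipheriv } = require('node:crypto');

// Stretch the master password into a 256-bit key. scrypt is deliberately slow and
// memory-hungry, which makes guessing passwords against a leaked vault expensive.
function deriveKey(masterPassword, salt) {
  return scryptSync(masterPassword, salt, 32, { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 });
}

// Encrypt the whole vault. Salt, IV and tag are stored beside the ciphertext; none is secret.
function lockVault(masterPassword, entries) {
  const salt = randomBytes(16); // fresh per vault, so equal passwords give different keys
  const iv = randomBytes(12);   // must never repeat under the same key
  const cipher = createCipheriv('aes-256-gcm', deriveKey(masterPassword, salt), iv);
  const ciphertext = Buffer.concat([cipher.update(JSON.stringify(entries), 'utf8'), cipher.final()]);
  return { salt, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Returns the entries, or null when the master password is wrong or the vault was modified.
function unlockVault(masterPassword, vault) {
  const decipher = createDecipheriv('aes-256-gcm', deriveKey(masterPassword, vault.salt), vault.iv);
  decipher.setAuthTag(vault.tag);
  try {
    const plain = Buffer.concat([decipher.update(vault.ciphertext), decipher.final()]);
    return JSON.parse(plain.toString('utf8'));
  } catch {
    return null; // GCM tag check failed: nothing readable comes out
  }
}

// Constructed sample data: Carla's master password from the article, one made-up entry.
const vault = lockVault('Carla_Senh@forte#2020!', [
  { site: 'spotify.com', password: 'constructed-sample-password' },
]);
console.log(unlockVault('Carla_Senh@forte#2020!', vault)); // the entry is recovered
console.log(unlockVault('Abacate@2012', vault));           // null
console.log(vault.ciphertext.toString('hex'));             // what a leaked vault looks like
```

The master password itself is never stored, which is also why forgetting it means the vault cannot be recovered.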
Available options
There are several options available. Some of them are free, open-source, self-hosted, and so on.
Where to start
I’ll give you a list of password managers, and the first three allow you to store as many credentials as needed, free of charge:
- Bitwarden: https://bitwarden.com/
- NordPass: https://nordpass.com
- Apple Keychain: https://support.apple.com/en-us/HT204085 (I would only recommend it if you have a MacBook and an iPhone)
- 1Password: https://1password.com/
Also, all options above allow you to export your data, in case you decide to switch to another one in the future.
Just do it!
I strongly recommend that you just pick a password manager that satisfies your needs and try it. Download the apps, set them up on your phone and browsers and go for it.
The initial setup to migrate all your credentials and change the repeated ones can take some time (some of my passwords are still shared), but only that phase is time-consuming. Once it’s finished, it’s very easy to keep everything backed up and up-to-date.
There are other topics to discuss, such as emergency contacts, advantages and disadvantages, file storage, password sharing, and so on. But I’ll leave these for another article.