Email, social media, web TV, work accounts, online news sites — we use so many passwords every day, it’s hard to keep them straight. There’s a strong temptation to re-use passwords across two, three or more sites. You know that your favourite film or the name of your pet doesn’t make for a secure password, so you choose something more secure — a string of random numbers, letters and symbols. A hacker might guess one of those common passwords but they’re unlikely to ever guess yours. Even though you’re reusing it, that hardly matters. Your password is secure, right?
Wrong. If you share the same password across multiple sites, you risk having every account compromised should one of your logins fall into the wrong hands. You might have excellent security yourself — but that won’t always protect you. No matter how careful you are, you can’t prevent bad security practices by the administration of sites you use. When you re-use logins, you’re essentially trusting any individual site with all of your accounts. As several high profile cases have demonstrated, that’s not always a good idea. We’ve recently seen multiple incidents where a site’s administration has failed to properly secure their customer’s details and this has resulted in many accounts being taken over by hackers. If your site logins share the same email and password as a compromised account, anyone who wishes to can now access all your other accounts.
Certainly, you can save your passwords to your browser. But sometimes you need to change devices, switch to a new browser or clear your browser data to resolve an issue. One answer is to use different passwords but to write them all down in a notebook, or record them in a text file. This is a very problematic concept, however. If anyone should come into possession of the written password list or text file, they would have access to all your accounts.
While most of us would struggle to remember every single password we need day to day, there is a solution. A password manager is a piece of software or a service that stores all of your passwords in a single place, encrypted and preserved by a single login that’s easy to remember. Most password managers will generate strong passwords for you, meaning that you don’t have to come up with a new password every time. Another benefit of password managers is that you can select an online service; this allows you to access all of your passwords even when you’re away from your main computer or don’t have your mobile device handy.
Some password managers require a subscription, usually either per month or per year. There are many good quality free options, however. It’s important to choose a reliable service with a solid track record, as weaker password managers can leave your login details vulnerable. As with any password-protected service, you need to guard your password manager login against attacks such as phishing.