Why Should I Use a Password Manager?

We repeatedly stress the importance of strong passwords that are unique to every website, but with dozens (or hundreds) of complex passwords it becomes challenging to remember them. This is where a personal password manager can help.

HELP – I forgot my Password!

If forgotten, most sites these days allow you to do a password reset, verified by email or two-factor authentication.  While not the most convenient, it’s commonly used by almost all users. Password mangers are able to secure store all your passwords, especially the ones that cannot easily be recovered or reset.

How Do You Remember All Your Passwords?

You never want to store passwords unencrypted on your computer (or in the cloud for that matter).  This includes Word/Excel documents, PDF’s or plain text files. Alarmingly, this is what many people do.  It’s like making that password Post-it® Note stuck to your monitor available for hungry hackers to find (oh… don’t do that either).

There are a variety of app- and browser-based solutions to password management, many of which are free for personal use.  One of the highest-rated and most popular is LastPass from LogMeIn, though there are several others with similar features.

How Does LastPass Work (and is it Secure)?

LastPass will prompt you to set up a strong “master password” to access your account, which is irreversibly encrypted and unknown to LastPass.  Your device (phone, tablet, or browser) has a private key to read the contents of your encrypted password vault upon authentication with the master password.

While some users are happy enough to use LastPass solely as a password-protected list of logins or secure notes when needed, others may want to grant the app access to interact with other apps and websites, which LastPass recommends.  Doing so allows you to auto-fill login credentials and contact information from profiles you create. Another nice feature is the automatic generation of unique, secure, complex passwords with various options for use in the websites and apps you use.  Since you are only remembering your LastPass master password and letting LastPass fill in the login for you, it is to your advantage to make stored passwords as complex as possible so they are not compromised by brute force attacks.

How to Pick Strong Passwords

As a reminder, here are some best practices for picking strong passwords if you continue to pick them manually:

  • A password should be complex.  Use a combination of mix-case, non-dictionary words, numbers, and symbols.
  • A password should be long.  Complexity is important, but length matters most. Powerful computers can brute-force guess tens of millions of passwords per second.  A ten character password is significantly simpler to guess than a fifteen character password. Consider using a three to five word phrase that’s easy for you to remember but hard to guess.
  • A password should be hard to guess.  Do not use common passwords (“password”, “12345”, etc.), your username, birth date, Social Security number, phone number, or names of pets or family members.
  • A password should be unique to every site.  A password breach on one website gives easy and immediate access to any other sites using that same password.  It is especially important not to reuse your email password anywhere. If that is leaked, your email is compromised and hackers have access to personal communications and this gives them an easy way to find out what other websites you have accounts with (banks, credit cards, insurance sites, e-commerce sites, etc.).
  • Please feel free to contact Copeland with any questions or concerns regarding password security or personal password management.
Posted on March 11, 2019. Categorized as . Tagged as .

Related Insights

What is vulnerability scanning?

March 29, 2023

Just because you’re not using an application doesn’t mean it’s not vulnerable. Vulnerability scanning is a platform that will look for weaknesses on the systems and hardware that live on your network…. Read more

Is your classic Antivirus Software Protection enough for today’s threats?

March 8, 2023

Endpoint Detection and Response is a next-generation tool similar to Antivirus (AVP) but uses AI features to detect threats on your system and recover from them. This software may also include a… Read more

Why you should off-board former users immediately

November 30, 2022

Why should you off-board users as soon as they are no longer with your organization? This is a very important process that helps keep your company assets secure from unauthorized access. It… Read more

Request More Info

Get in touch and determine where managed IT services fits with your business.
Request More Info Mini

Stay Up to Date

Get valuable technology and security insights sent directly to your inbox.
Mailing List Sign Up