Password managers are a great way to help keep your accounts secure. They allow you to have strong, different passwords for each account, whilst only needing to remember one password yourself.
What is a password manager and why use one?
A password manager is an application on your device that securely stores your passwords, so you don’t need to remember them all. You can access any of the stored passwords with a ‘master password’ that you set. They can be stand-alone applications or built into a browser.
Password managers are designed to make using, generating, and storing passwords easier and more secure. Many password managers can also automatically enter the appropriate password into websites and apps on your behalf, so you don’t have to type them in every time you log in.
How does a password manager work?
A password manager acts as an encrypted ‘safe’ that stores all your passwords. You will have one ‘master password’ that lets you access that safe, make changes to your passwords and add new ones.
Some password managers can generate passwords for you, making it much easier to have a different password for each of your accounts, avoiding the common pitfall of reusing passwords. The passwords these managers generate are even stronger than passwords we create ourselves, as they contain random strings of characters that we wouldn’t be able to easily remember on our own.
How do I protect my password manager?
As your manager will contain all your passwords, it’s important to make sure it’s secure. You’ll also need to ensure that you’re always able to get into your password manager yourself, so you don’t risk losing access to your passwords.
Protecting your password manager is easier than you might think. Here are some steps you can take:
- Set up two-factor authentication. For example, a biometric scan or a one-time response code. If you have the option, set up more than one method so you have a backup for getting into your manager
- Make sure that you install updates for your password manager when prompted to. If you’re using a manager that’s built into your browser, make sure you’re using the most up to date version of the browser
- Choose a strong ‘master password’ for your password manager using the ‘three random words’ approach. You can’t store your ‘master password’ in the manager itself, so it’s important that it’s both secure and memorable. Don’t store your master password on any devices
If you’re using a password manager built into Safari or Google Chrome, it will already be protected by your existing AppleID or Google Account. Your existing password for these accounts will act as your master password for the in-built manager, so it’s important to make sure you set this password in line with the guidance above.