There are things called 'password managers', which, as the name suggest, store and manage your online passwords for the various accounts you have across the internet. Let's go over these and why I find them less satisfactory than my favourite method, Writing Things Down.
Don't get me wrong, in the hands of a skilled user, password managers take the effort and stress out of dealing with the gazillion passwords and usernames/email addresses we tend to store with our various trusted internet services. But they come at a price for the regular user.
Password managers generate a different password for each website. This is good and absolutely something that everyone should do. If someone breaks into, say, your facebook account, the very first thing they will do is grab your email address from the account and try the same password for your email. And then they'll usually lock you out of both. So far, so good.
But let's look at the way they generate passwords. Password managers tend to generate non-memorable strings of numbers and letters that are effectively non-guessable in a rudimentary way. This is good. It also makes those passwords impossible to guess for the end user, should they ever lose their access to the password manager. This is bad.
Password managers generally integrate into a web browser, thereby bypassing your need to run a special program to use them. This is good. However this also means that if you're using someone else's computer, or a public computer, you basically can't use the password manager (aside from logging into their website and accessing your passwords that way). This is bad.
Lastly, password managers and their hosts, while significantly improved over previous years, are not infallible. It wasn't so long ago that one of them, Lastpass, got hacked and the master passwords for a whole mess of accounts stolen and used. This didn't rely on knowing the users passwords, just some basic internet security flaws and exploits.
So in short - if you know what you're doing, and are more technically savvy, password managers like Lastpass and Dashlane can be a godsend, particularly if you're logging into an absolute ton of websites. But for the casual home user, they're probably overkill and have significant downsides.
So you're almost invariably better off following basic security measures and (a) making a different password for each website (b) making long passwords that are easy for you to guess, but not anyone else and (c) Writing them Down in a notebook with the name of the website, the username/email address associated with the account, and a date.
Click here to go back to the main page.
© 2021 Matthew Bentley. All Rights Reserved