For most of us, using – and trying to remember – a collection of passwords is just a normal part of our digital lives. But it seems like the number of passwords we need for online activities just gets bigger and bigger.
Some passwords – especially for work-related systems – must be changed often. That makes passwords even harder to create and remember.
These difficulties can lead some people to reuse passwords to help simplify the process. But most security experts warn against this. Reusing passwords can make it easier for internet attackers, or hackers, to digitally seize personal accounts.
One of the most suggested methods for effectively dealing with passwords is to employ a separate product called a password manager. These tools are not new. You have probably already heard of such tools and might have even tried one.
Here are some tips for deciding whether a password manager might be right for you.
How does a password manager work?
The general idea behind password managers is simple: Your passwords are stored securely in a digital vault. When you need to use a particular online service, the manager automatically enters login details and password fields for you.
The U.S. government’s Cybersecurity & Infrastructure Security Agency notes, “When we use a password manager, we only need to remember one strong password – the one for the password manager itself.”
Most password managers have a smartphone service, or app, that works with internet browsers and other apps. This means they can be set to open with a fingerprint or face identification. If on a computer, you can also sign into your password vault through a browser tool, called a plug-in, or by going to a website.
A good password manager should be able to create complex passwords using letters, numbers and special characters when setting up a new account. And, it should also recognize that you are signing into an online service for the first time and ask if you want to save the information you have entered.
Password managers can also protect against so-called phishing attempts. These usually appear as emails seeking to trick users into clicking onto a link to a false website designed to capture login details. A password manager can prevent such details from automatically being filling in if the web address is not the same as the one linked to the saved password.
Most password managers can store other information as well, such as bank and credit card PINs. Many also support passkeys, a new technology that companies like Google have launched as a safer method than passwords.
How do I choose the best one?
There are many different password managers on the market. Some of the best-known systems include 1Password, Bitwarden, Dashlane, Bitdefender, Nordpass, Keeper and Keepass.
One of the best ways to choose the right manager is to look at online reviews based on professional testing and ratings. Britain’s National Cyber Security Centre has also established a buyer’s guide to help users choose the right password manager.
Most services have free and paid versions. The free offerings come with restrictions, such as permitting only one device to be signed in at a time or limiting the number of passwords to store.
Top-rated managers work across different devices and services, with apps for Windows and Mac computers, as well as iOS and Android devices. And plug-ins can be downloaded for browsers like Chrome, Safari, Firefox, Edge, Brave and Opera.
Apple also has its own Keychain service for Macs and iOS devices.
How secure are they?
Good password managers use strong encryption methods that aim to prevent any other parties from seeing your data.
Pieter Arntz is a security researcher at California-based cybersecurity company Malwarebytes. He told The Associated Press that many password managers use the most secure kind of encryption available.
Arntz noted this kind of encryption can protect users even when their computers, devices or password managers are hacked. This is because encryption ensures the saved passwords are stored in an encoded state. This means the attacker would need to know the main password in order to read any of the saved passwords.
I’m Bryan Lynn.