Never Forget Your Password Again: How to Securely Manage All Your Passwords

  • Posted On: 10th October 2017
  • By:
Never Forget Your Password Again: How to Securely Manage All Your Passwords

Current estimates suggest that the average person has 27 discreet online logins. That’s a lot of passwords to remember. But in order to keep your passwords secure, they should be 16 characters long and contain upper and lowercase letters, numbers, and symbols. Unless you’re a prodigy, I doubt anyone can keep track of these different passwords.

The good news is that you can manage your multiple emails and logins securely by trying out any of the following approaches.

The hard-copy approach.

This may sound outdated, but it remains one of the easiest ways to keep track of your passwords.

Jot down your passwords on a piece of paper and keep it somewhere secure, like a desk drawer or fireproof safe. Even security expert Bruce Schneier has recommended this method.

There are a couple of drawbacks, however. Having access to the document at all times can be a problem. For example, if you were at work and forgot your Amazon login, you can’t access your account until you get home since. Another concern is that if you lose the document or it’s destroyed, those passwords will be lost forever.

One way to get around that is by creating a document or spreadsheet and storing it on your computer, flash drive, or the cloud. With the exception of your hard drive, which will eventually crash, that list will remain intact forever. If it’s stored on the cloud, you can access the list from anywhere.

However, security is a major concern when going this route. It’s suggested that you only store accounts that you’re reasonably alright with getting hacked, mainly accounts that don’t have any sensitive information stored.

Also, never store the file as “Passwords.” Think of a creative name that doesn’t have anything to do with passwords.

Use a password manager.

Password managers store all your passwords for you. They also fill out your login forms so you don’t have to memorize those lengthy and complex passwords. In fact, most modern browsers have some kind of simple password management system built in. For example, in the Chrome browser, it’s found on the “Settings” pane behind “Show advanced settings” and “Manage passwords.”  Firefox, Opera, Safari, and Microsoft Edge also have similar tools built in.

What’s more, the mobile versions of these apps will carry the same passwords and logins over to your phone.

But if you really want to make sure your passwords are extremely secure, then use password managers like LastPass, Dashlane and 1Password. All three work the same way. There’s a desktop program or mobile app you use to manage your passwords. The browser extension will automatically log you into your accounts.

There is one caveat. You’ll have to memorize your master password. This unlocks all your other passwords, so you need to make sure it’s extra secure. Start by composing a password of at least 12 characters so it’s not vulnerable to any brute-force attacks.

Keep in mind that even password managers can experience security breaches. Security researchers recently stated, “The overall results were extremely worrying and revealed that password manager applications, despite their claims, do not provide enough protection mechanisms for the stored passwords and credentials.”

That’s where cutting-edge companies like Avatier come into play by offering features like single sign-on. As Nelson Cicchitto, chairman and CEO of Avatier, explains, “I like to think of SSO as a form of password management because it eliminates the number of times someone needs to use a password, which is a good thing.”

Once you log in “with a core directory username and password, a person leveraging SSO in the enterprise is then trusted to access a variety of other applications because they have already been authenticated.”

Cicchitto adds that “the concept here is that SSO uses one successful authentication to an authoritative source to automatically pass that user into other applications without the need for a second authentication.”

“The beauty of an enterprise-class SSO solution is that you can combine it with password management and identity management capabilities to create a unified security approach for authentications across critical applications.”

Rely on sites you already have logins for.

You’ve probably seen those “Log in with Facebook” buttons regularly. This is another convenient way to manage your passwords. If you have an account with companies like Google, Facebook, or Twitter, then you can use those logins for certain sites.

While it won’t work for every site, social network logins are widespread enough that it can reduce the number of passwords you have. If you do opt for this method, the password you use for your social networks needs to be rock solid.

Reset your password — every time.

This may be simple, but it’s also inconvenient. Go through the “Forgot your password?” process whenever logging into certain sites.This is time-consuming, so it’s not recommended for sites you frequent. But it’s not a bad backup plan for the websites you don’t visit often.

Two-step verification.

If you haven’t done this already, it’s time to turn on two-step verification for your Apple, Google, Microsoft, Facebook, or Twitter accounts. It adds an extra layer of protection whenever your credentials are used on a new device. This means that intruders will need more than your password and username. They’ll also need a unique code, security question, or biometric like a fingerprint.

Find a technique that works for you.

Finally, if there’s a secure and effective technique you have been using, then stick with it. As the saying goes, if it’s not broke, don’t fix it.

Do you have your own technique for managing your passwords for multiple logins? Please share with us in the comments.

Sources

https://www.avatier.com/blog/user-logins-beyond-email/

https://www.schneier.com/essays/archives/2014/02/choosing_a_secure_pa.html

https://www.theregister.co.uk/2017/02/28/flaws_in_password_management_apps/

https://www.avatier.com/blog/improving-password-security-should-not-be-rocket-science/

https://www.cnet.com/how-to/how-to-master-the-art-of-passwords/

Written by Avatier