So far in this video series, we’ve given you ground rules for better passwords and told you which ones to memorize. Now it’s time to learn how to create, store, and access all the rest of your passwords.
Good Password Managers
So here are some password managers that consistently get high marks:
• 1Password – Consumer Reports gives it their highest marks by far, New York Times and WIRED rate it #1 as well, and it’s the runner up on CNET’s list only to the second one on my list and my personal password manager,
• LastPass – This one is also at the top of PC World’s list. Once CNET mentioned, pan out of 1password trophy to show larger trophy with Lastpass
• Some others that consistently get strong marks are Bitwarden, Keeper, Dashlane, and Roboform. Again, this list isn’t exhaustive, but it’s a great start.
Why You Shouldn’t Save Passwords in Browsers
Now browser password managers are not an option to consider for many reasons, including this: They tend to value convenience over security. Browsers want you to log in to use them, and once you do, they want to store your information – bookmarks, contact info to fill in forms…and passwords. They aren’t being nefarious; they just want to be sticky in your life. But usually all your work and personal passwords get co-mingled in a place that just isn’t as good as those managers I’m recommending.
Keeping Passwords Separated
And that leads me to my last point. Our work and personal lives are only getting more intertwined. Work email and calendar on your personal phone. Logging into your bank, personal email, and everything else from your work computer. It’s convenient, but it’s not advised. After all, if you’re a leader in your business, do you want the next person that leaves your company to still have access to critical things when they’re gone? And if you’re that employee, do you want that liability? Sure, IT will shut off network and email access, but what about the login to WordPress, MailChimp, the company Twitter account, or any system that this one person manages for the company? I encourage your company to implement a password management platform for all company credentials. Give me a call if you’re a business leader and have questions.
So back to you. Pick a password manager. As you start using it, take the tutorials, set up MFA, and let it create new, complex, long passwords for you.
Next up, we’re going to talk to you about ways you’ll still be vulnerable, and how you can be a master at spotting the work of the bad guys.