Password managers are a good way to keep your passwords unique, strong and safe. Tom Merritt gives us five tips on how to use them correctly.
Someday passwords will be gone. Microsoft, Google and others are making great strides toward that halcyon future.
But today is not that day.
And until that glorious day arrives, you still need a good way to manage all those passwords while keeping them secure. And a password manager is still the best way that balances convenience and security—with a heavy tilt toward security.
SEE: Security incident response policy (TechRepublic Premium)
Here are five tips for password managers.
- You can make your master password strong and memorable. The password you use to secure your password manager does need to be long and complex. But choosing a phrase, especially one only meaningful to you, can keep it safe against dictionary attacks and make it so you don’t have to write it down on a post-it note. Cat-needs-2-Eat-at-6?, for instance.
- Multifactor authentication is still important. Some password managers even include the generation of second-factor codes in the password manager itself making the login process that much easier. And of course, secure your password manager account with MFA as well.
- You can securely share a password. Many password managers let you share your credentials with someone else without letting them see the password. Granted there are ways to get them, so be careful who you share with. But if you trust the person enough to share the credential, it’s an extra precaution against them accidentally compromising it.
- Multiple devices. Unless you somehow only use one device, your password manager should be accessible across the devices you use. You don’t want to have to keep pulling out one device to get the password to use on another one.
- It’s more than just passwords. You can use the security of your password manager to store other things that would be vulnerable in an unencrypted text note, like credit card numbers for instance.
Even if you deploy Shared Account Password Management, password managers for employees are still a good idea to implement. Just make sure you get one that’s easy to use, end-to-end encrypted and has the features you need.