Password managers are one of the most useful tools available on the internet. Most modern browsers have bundled a password manager for some time. Their usefulness has extended beyond simple password management into storing anything you'll need online, from additional notes about your account to credit card details. You can use the manager built into your browser; they have made these much more secure and useful than they used to be. You could also use a third-party password manager such as LastPass or 1Password. Here are my top 5 reasons you should take advantage of these, often free, services.
The most common reason people use a password manager. As your active accounts start piling up, you have two choices. You can reuse the same password over and over, which is a bad idea I'll address later, or you can use a password manager to save all your passwords. But why can't you just remember all your passwords? The average American has 130 accounts between all the eCommerce, social media, online banking, and more that every user has that number will continue to rise. As long as we rely on passwords to secure these accounts, you would be well advised to use a password manager.
Reusing passwords is one of the worst things you can do for security. If one of your over 100 accounts, on average, is compromised, then the "bad guys" will have passwords for all of your accounts. The best way to avoid this is simple: don't use the same password on multiple websites. Password managers allow you to use separate passwords for every site without needing to remember all of them.
Side note: this is also why you should always take account security seriously. You may think that a hacker gaining access to your Twitter account isn't important. You just use it to follow some celebrities and never post, right? But if you use the same password for your online banking, then you can really end up in trouble.
Your password is too simple. I can feel confident in saying that because the chances are that it isn't. Maybe your password isn't on the list of most used passwords or the kind of thing an idiot would have on his luggage, but you can do better. Since password managers remember your passwords for you, why not take advantage of it and use a truly random, secure password? Most password managers include a password generator. Use it and your security will improve dramatically.
A good password manager will sync between devices. This syncing feature is handy but often underappreciated. Are you setting up a new phone? Install your password manager first for easy account set up. Did you lose your device? Again, your password manager has all your accounts backed up for you. Personally, I frequently move from device to device. Sometimes I'll use 6 or 7 different devices in a day. Having my passwords available at any time is invaluable.
The best way to share access to a service is to create a new user. In services such as PayPal, this is an option. All too frequently, sharing a service also means sharing the account password. Many password managers allow sharing within the app rather than sending passwords through insecure communications such as email or text messages. This is much more secure, and if the password is changed for one user, it will update for all users.
Some managers, such as those built into your browser, do not require you to password-protect the manager. You should always protect your passwords. Since you only have one password to remember, you should use a strong password. Use the password generator built into your manager to make the strongest password you can memorize and use that.
Properly secured, a password manager is an invaluable tool in your online security toolbox. For maximum protection, you should enable Two Factor Authentication (2FA). The most common form of 2FA is a One Time Password sent to you via text message. While better than nothing, this form of 2FA isn't the most secure.
Try downloading an authenticator app to your phone, such as Google Authenticator or LastPass Authenticator, and use that. Setting up authenticator apps is usually as simple as using your app to scan a QR code on your screen. Now you have a secure 2FA method to protect your password manager.
You know those security questions that a lot of accounts require you to create? And you have to answer them when you reset your password? Those are ridiculously insecure. Almost every answer to those questions is publicly available. I've had the bank ask the same questions of me when I called in. Except I didn't have any saved answers on file. They just found information about me and asked. If the bank can legally find that information, a hacker can too.
To get around this, you can treat each answer as a different password. Use your password manager to generate a password and save it in the notes section.
Data breaches are prevalent these days. It is essential to know that your accounts and private information hasn't been compromised, or pwned in internet slang. Most password managers have a built-in feature to check if your accounts have been compromised. This often checks the Have I Been Pwned website. If you are not using a password manager, I suggest using the website to check on your accounts' health.