Never Use the Same Password Twice! - What’s a Password Manager?
They always say: “Never use the same password twice!” But they also say never to write down your passwords. So what are you supposed to do?
Use a password manager! Password managers are platforms that secure and manage your passwords for all your various accounts, and they store them in a universal location so that you can access them through your browser or any device and use them to autofill your credentials.
Using the same password twice is a big security risk. If you use one password everywhere and hackers discover it, all of your accounts could be compromised through something called credential stuffing. This is when an attacker takes leaked account information and tries it against other accounts, such as bank accounts. It’s a type of brute force attack, but it’s more dangerous since the attackers could gain access to multiple crucial accounts.
It’s best practice to use a unique password for every system, webpage, or account that you log into. However, remembering all of those passwords can be exhausting, which is where password managers come into play. Password managers can automatically generate a unique password for each site or account you log into, and store them so that your credentials are autofilled when you go to log in. That way, even if one company has a data breach and your account is affected, the rest of your accounts are safe from credential stuffing attacks. A password manager can also provide some defense against phishing attacks: your manager only autofills information on a website with the correct URL. If the website’s address is different from the one expected, you will be notified.
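To make the autofill check described above concrete, here is an added example (not Bitwarden's or any other product's code) of how a manager might decide whether a saved login belongs to the page in front of you. The site names, the `savedLogin` record and the `autofillDecision` function are hypothetical, and matching on the saved host plus its subdomains is a simplifying assumption.

```javascript
// Added illustration: a simplified autofill decision, not any product's real code.
// Assumption: a saved login records the https address it was created on.

// Constructed sample vault entry (hypothetical site name).
const savedLogin = { uri: "https://example-bank.com/login", username: "alice" };

// Return { fill, reason } for the page the browser is currently showing.
function autofillDecision(saved, pageUrl) {
  let savedUrl, page;
  try {
    savedUrl = new URL(saved.uri);
    page = new URL(pageUrl);
  } catch (err) {
    return { fill: false, reason: "unparseable URL" };
  }
  // Never offer credentials over an unencrypted connection.
  if (page.protocol !== "https:") {
    return { fill: false, reason: "not https" };
  }
  // Compare parsed hostnames, never raw strings: the URL parser separates a
  // "user@" prefix from the real host and turns look-alike Unicode names
  // into punycode, so neither can pass as the saved host.
  const savedHost = savedUrl.hostname;
  const pageHost = page.hostname;
  const sameSite = pageHost === savedHost || pageHost.endsWith("." + savedHost);
  if (!sameSite) {
    return { fill: false, reason: `host ${pageHost} does not match ${savedHost}` };
  }
  return { fill: true, reason: "host matches saved login" };
}

// Constructed pages: two genuine, the rest addresses that only look similar.
const pages = [
  "https://example-bank.com/login",
  "https://login.example-bank.com/",
  "https://examp1e-bank.com/login",
  "https://example-bank.com.secure-login.test/",
  "https://example-bank.com@phish.test/login",
  "http://example-bank.com/login",
];
for (const p of pages) {
  const d = autofillDecision(savedLogin, p);
  console.log(d.fill ? "FILL " : "BLOCK", p, "-", d.reason);
}
```

Only the first two addresses get the saved credentials. A missing autofill prompt on a page that looks familiar is a signal to check the address bar before typing anything.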
“Setting up a password manager seems like so much extra work. Is it even worth it?”
Short answer: Yes!
How would you feel if your front door key also accessed your bank account, your digital identity, your social security information, and more? Probably not very safe, right? This is what it is like when you use an insecure password across multiple accounts.
There are many password managers out there, and each has its own pros and cons. Make sure to research which password manager may be right for you. We use and recommend Bitwarden as our password manager of choice. Bitwarden allows you to generate secure, random passwords when setting up new accounts or changing passwords, and you can use it on a computer, a phone, or even in any web browser so that your passwords are always available to you in a secure way. You can also store a lot more than just passwords: credit cards, addresses, licenses, keys, notes, and any other digital key or code that needs to be secured. And if you need to send credentials or any other sensitive information, you can use Bitwarden Send to share it securely.
Isn’t a password manager the opposite of safe?
“Aren’t I putting all of my highly sensitive data in one location? Isn’t that less secure?” you may ask. Yes, there is always inherent risk in storing information online, especially with another company. However, you are at far greater risk of having your data stolen and your accounts hacked when you use only one password for all of your accounts. This is because hackers typically obtain your information from one site or account and use it to breach other accounts. With a password manager, you can nip this in the bud with a uniquely generated code for each account. You can also add additional security measures to your Bitwarden account, like 2 Factor Authentication, biometrics, or even passkeys, that will dramatically increase its security.
Overall, a password manager is a much safer way to store and secure your passwords, whether it’s Bitwarden, 1Password or something else. As your final step when switching to a password manager, don’t forget to delete those passwords from any other places where they might be stored! If you don’t, you will have the same security risks as before.