Professor Rob: Escaping password pitfalls — Part two

By
Posted on Apr 08 2024 in Tipmont
Professor Rob
Professor Rob

Last month, I covered how switching to Tipmont internet service doesn’t mean you must change all your device passwords. This month, I want to talk about password managers — or services that store all your passwords in a secure online vault.

The internet is a modern marvel of usefulness, but it’s not without risk. You need secure passwords to protect yourself from identity theft and other cyber-attacks. (Want to see if your email address was ever part of a data breach? Visit the free and secure site haveibeenpwned.com and enter your email address.)

A friend recently texted me a picture of a “password Rolodex,” where each password is written on a notecard and stored in a rotatable file. Great if you happen to be right there. But what if you’re not near that Rolodex and need a password? There are better, safer, and more beneficial methods.

Password managers provide security and convenience as we connect with more online services. You store all your passwords in a secure online vault, which you access with one (strong) master password and, ideally, two-factor authentication. (I’ll cover that last part next month.)

The master password must be one you can remember, as well as one that is not (and has never been) used with any other login. You can test a master password’s strength using Bitwarden’s free and secure tool at bitwarden.com/password-strength.

Other password manager benefits include:

  • Longer and stronger passwords used in your vault, which are far more difficult to hack
  • Identifying reused passwords to help you update them (and I recommend that you please do this!)
  • Optional autofill in mobile and desktop browsers

According to the FTC, the average identity theft loss is $650. It’s far less expensive to choose a password manager that costs $3 to $5 per month — like 1Password, Bitwarden, LastPass, or Dashlane.

Most password managers have a browser extension to help you identify and update weak, reused, or compromised passwords when you visit each site. Some will even monitor the websites you visit and alert you to any important issues.

If this all seems too complicated, most devices include a free form of password management. That’s the function served by the “Would you like to remember this password” question. However, that will not work across browsers and devices, and it lacks advanced features like family password sharing, dark web monitoring, and more.

No password strategy is perfect. But password managers go a long way toward safeguarding your information. Next month, I’ll look at two-factor authentication, a security feature you should enable wherever it’s available.