Passwords are a fact of modern life. One can not avoid the use of passwords. Choosing a good password makes it harder to remember and type in, and having unique passwords across the many services you use is essential to good security, and that makes it harder to remember critical passwords. Fighting with passwords or not using goods ones is not a great way to save time. Password managers are the way to take care of your business and save time professionally and responsibly.
There are a lot of password managers available. 1password, LastPass, BitWarden, and some of the browsers, like FireFox, Chrome, apps Microsoft Edge, have built-in password managers. They mostly work the same way.
Most include a password generator, so you don’t have to come up with a good, not included in the dictionary, password. Why not in the dictionary? Password crackers can guess thousands of dictionary words a second, they can even guess thousands of combinations of dictionary words a second. So a password generator is a welcome feature.
Most of the password managers can adjust the formula they use to generate passwords. This is a nice feature because many apps, websites or programs have minimum passwords that vary in length or makeup. Some websites will require a non-alphabet character or number, or a program will want upper and lowercase letters. Having the ability to change the formula comes in handy.
Browsers plugins or running inside the browser is a feature that adds convenience. This means as you visit websites the account’s passwords are at hand and can be entered usually by clicking a button in the button bar. However what about programs that run on your computer that access remote accounts like say the accounting software you use, maybe the CRM, what have you? Browser-based solutions are still OK if you learn to cut and paste. Really, if you have not mastered CTRL-C and CTRL-V and the Mac equivalent using the CMD key things are already tough on you.
Having a desktop version of a password manager, that is a standalone version of the program that runs on your computer is a feature one should strongly consider. Having a desktop version with the passwords stored locally on the computer in front of you or phone can be very helpful when you are unable to access the internet. Unfortunately, most browser only based password managers fail here but 1password, LastPass, and BitWarden do not.
Storing the passwords securely on the internet, if done right, makes the passwords available across your phone, tablets and many computers you probably use every day. Storing them right is the key, however. They need to be more than encrypted, the key that is encrypting them should not be known or stored by the service. LastPass has had issues with this. Some of these password managers themselves have been hacked. While having your password manager hacked is bad, it really is a first world problem. As long as the service notifies you quickly and you change your passwords quickly, like as soon as you can, you are still far ahead of your average internet user with their kids birthday as their password.
Password sharing can help to some degree with business continuity and adds some features useful to businesses with more employees or resources. 1password and BitWarden allow passwords to be shared across accounts. One can share the banking sites password with a trusted person and if needed remove the sharing when it becomes necessary. This can be a great way to consolidate accounts you use in your company. No need for everyone to have a Constant Contact account if you are all using the service for the same purpose.
All of the features we have talked about are important, all of them will help reduce the friction you will experience as you change from your current way of dealing with passwords. There will be friction. You have to be vigilant to get value from these password managers. Yes, you always have to use it to fill in the passwords on your accounts. Sure there will be times when it will be easier to just use your old standby password to create that account on a service you are not even sure you will be using, don’t, or if you do – make sure you at least still enter it into your password manager. At least then, you will be able to remember that password you thought was your old stand by, but was it your kids birthday or their middle name. Plus if you do end up using the service you can change the password to a machine generated safe password and change the password in your password manager.
I have recently changed my password manager from 1password to BitWarden. I like the ability to share passwords and manage the sharing that BitWarden does very well. BitWarden can be self hosted and this can be a great option for someone who has the resources and knowledge to do it right. SBS can manage that for you if desired, but the BitWarden service is very affordable and works for most enterprises. It’s free for single users, and shared password accounts start at $4 a month. I will be posting a complete review of BitWarden soon.
