The best practice for digital accounts is to use a different, complex, machine generated password for every account you have, because a computer can guess any password that a human can remember. Since it would be impossible to remember all these different passwords, a password manager can ease the burden on your memory and help secure your digital life.
What is a Password Manager?
A password manager is a software application that you can use to create, manage and store your passwords. Password managers make logging into your web accounts easier and more secure at the same time. They remember your password for each site and, with the click of your mouse, fill your username and password into login pages. Since you won’t have to type your passwords anymore, you’ll be less likely to fall victim to security attacks, such as attempts to trick you into entering your password on fake websites controlled by an attacker.
Why should you use a Password Manager?
Many people worry that by putting all of their passwords in one place, they’re increasing their security risk. While this seems intuitive, it doesn't account for how easy it is for attackers to guess human-made passwords, or obtain a compromised password that is being re-used. The reality is that most passwords are easily discovered by attackers because, when they don't use password managers, users attempt to create multiple passwords that they can remember. The most common password mistakes include:
- Re-using the same password for several accounts
- Creating a memorable system where all the user's passwords have the same beginning for all of their accounts, and one or two characters are modified or added
- Using passwords that are so short, computers can easily guess them
You can make your accounts more secure by using your password manager to create a different password for every website you log into. Because you won’t have to remember your passwords, they can be both random and long, so attackers can’t guess them.
Since your password manager will contain the passwords for all of your accounts, having a strong master password on your manager is absolutely critical. The good news about this is that it is the last password you will ever have to remember! We recommend using the master password generator in your password manager app, if available, or The Electronic Frontier Foundation’s Dice-Generated Passphrases strategy.
Set up two-factor authentication (2FA) to protect your password manager. For assistance, see our guides on how to use 2FA.