This World Password Day consider investing in a password manager

How many passwords do you think you have? Five or six? Maybe 10 or so?

In reality the average person has something more along the lines of 100 passwords they need to remember. This number seems large at first, but consider visiting a website with a recipe that demanded you create an account or a news website asking for an account to be created and you start to realise just how many passwords you need.

When I asked myself this question earlier this week ahead of World Password Day today, I listed the usual suspects: Facebook, Twitter, Steam, Epic Games, Hypertext and my email. Scrolling through my password manager, however, revealed that I have passwords for over 130 websites, many of which I had simply forgotten I had made an account for.

The good news is that, as I mention above, I use a password manager so I don’t need to remember an 8 – 12 character password for every single website I use. Because of this I can set a unique password for website I will likely only ever visit once or twice and forget about it. Should these websites be breached and my password is stolen, I don’t have to worry about it because that password isn’t repeated anywhere else.

This is important because the data you provide to companies can outlast your association with them. Remember the Myspace hack that was disclosed in 2016? That hack drew from data that was already eight years old and hackers were still able to charge money for the database.

Your data, no matter how old it is, is valuable to cybercriminals because it can help them create a better picture of who you are. You may think you’re not important enough to hack but you could be the gateway into your company or simply an easy target to have your bank account drained. Cybercriminals are opportunists and they will find as much information as possible about a target to insure their scheme succeeds.

Now I know, the economy is in shambles and somebody telling you to pay money for something isn’t the best thing to read but a password manager really is something you should invest in. There are free solutions available and my recommendation is to test one of these free solutions out for a month and then start looking at what more you’d like from the password manager.

Some things we recommend looking out for:

  • Security check-up: a feature that scans for repeat passwords, password strength and more. Sometimes this feature can also scan databases to see if your data has been compromised.
  • Cross-device support: You don’t think you’ll need to access your passwords on your smartphone until you do. Cross device support with an official app for your operating system is a must.
  • Good remote support: The most important aspect of support is access to it 24/7 just in case you need it at strange hours.

Pricing varies from service to service as do features and functionality but you should be expecting to pay around $3 (~R43) per month.

In-browser password managers are fine, but personally I prefer to keep things separate and avoid having a single point of failure.

For those who don’t want to make use of a password manager, please use unique passwords. That does not mean Password123 and Password12three folks, use special characters, caps, numbers and try to be as random as possible.

Whether using a password manager or not, make use of multi-factor authentication where possible. This creates friction in the sign-in process but it can also slow down an attacker forcing them to compromise other services in order to ultimately get to you.


About Author


Related News