I finally did something this week that I’ve been meaning to do for quite some time, I started using a password manager. The more I think about these types of tools, the more I strongly believe this is an absolutely essential tool for everyone. In fact, I would strongly encourage all CCSD employees to start using one right away! The password management products are now mature enough and flexible enough that we really should be encouraging all of our students to use them as well. I’ll be surfacing this at our next media council. I think these are going to become a critical part of safely managing our lives going forward.
Why would I need a password manager?
I would guess that just about everyone feels pressure to keep track of user names passwords now a days. The logistics of it are maddening. Below are just a few of the personal sites I need to document.
- Barnes and Noble
- Vision Direct
- my bank
- Direct TV
Again, these are just a few off the top of my head. I know there are lots of other places I’ve done business with that require me to create an account/password.
Of course, I have a lot of different professional accounts as well. There are a lot more of these, too. Each one requires a username and password.
- Prairie Email
- Iowa Testing
- National Student Clearing House
I haven’t even included other social sites like Twitter, Facebook, Tumblr, etc…
The core problem is that most of us try to use the same (duplicate or identical) credentials (usernames and passwords) to manage all these different sites. Without another tool, it’s really the only reasonable thing that can be done. I’ll admit it, I was guilty of this. However, this is very dangerous and is a terrible malpractice. It should be changed immediately! Here’s why…
If just one the sites that uses a common password is compromised, all of the sties that use the same password are effectively in danger. Of course, this could be a disaster if a credit card, bank account numbers, or other personal identifiers are kept behind this password. The social sites can cause a great deal of embarrassment and damage reputations if they are exploited, too. There might be professional repercussions if a school or professional is accessed due to a compromised password. Again, it just takes one site to be vulnerable.
How does a password manager work? What are the key benefits?
The good news is that there are a ton of products out there to help with this problem. Many are free or very low cost as well. While they all have different features, here’s the main features they share.
- A password manager will keep track of all of your sites, usernames, and passwords. Often they will auto-fill them for you so you don’t have type (or even remember them).
- All the credentials are stored behind a super-strong (usually very long) password.
- Password manager services will usually let you automatically import and/or manual add sites that require credentials. You just add the site once to your password manager, it it remembers the username and password for you.
Because the password manager is keeping track of all of your usernames and passwords, it makes it feasible (and essential) to have many unique and strong (complex) passwords for different web sites. So, one of the first things you’ll want to do after you choose a password manager and install it, is to go to all of the various sites and change your password. This does take a little bit of time, but it goes quickly. Again, using a product like this not only keeps you safer, but it also makes life a lot simpler as you don’t need to remember any passwords. The only password you really have to remember is your super-strong password that lets you into the password manager. But, that’s not used very often.
How do I choose the right password manager for me?
Again, there are lots of products available to do this now. Here’s the article I used to help me make my choice – a product review from late January in PCMag.com. Each product has a lot of features. I would recommend reading each of the reviews as well as doing your own research to see what is the best fit. Just search on “password manager” to get started. The other piece of good news is that because these product have been around awhile, if you decide to switch products because the one you are using is not meeting your needs, most of the password managers have tools available to export and import your information. That way you don’t have to start over, if you do decide to change products. The important thing is choose one and use it.