How you can remember all your passwords
- How many of your accounts have the same password?
- How many times have you clicked on “I forgot my password”?
- How many passwords and accounts are in your “my-password-file.xlsx”?
If your answers to these questions is “1” (or more than 1) then the topic of today’s newsletter is tailor made for you.
Remembering the credentials (e.g. email-address and password) of all the various online-accounts is quite impossible and one should not use the same password for everything. This might be a known fact but – being honest – we still tend to do that. Resetting the password all the time is annoying because one have to wait for the “We resetted your password”-email and to know which email-address has been used for the web service. It’s annyoing and time consuming.
Having a local file with your passwords seems fine but that is what hackers will search for first. Is this file backed up? Encrypted? Even when you have a paper written list with the credentials, what if this list is in your office but you need to log in while travelling?
For secure and safe surfing you should always change your passwords frequently!
Check if your credentials have been compromised:
https://haveibeenpwned.com/
It would be best to have a little helper which keeps track of the accounts and the passwords used. The tool should be safe and secure, it should contain all the passwords encrypted and it should be available from anywhere you are and usable with whatever device you have.
No surprise – There are such tools, they are called ‘password manager‘! And there are many of them. Maybe too many to know which one to choose from.
The “Keychain Access / Schlüsselbundverwaltung.app” of macOS or the “password vault” of e.g. Firefox are also such password managers. But they lack certain features: One can use them either only with Apple devices or only within the browser Firefox and you need to be logged in with the Firefox-Account (another account/password to remember …).
I will introduce three different tools. One is open source, one is free for desktop apps and one is costly but “one of the best”.
See also the overview of The Best Password Managers for 2020.
KeyPass
KeyPass is open source and still (or maybe hence) as secure as it can be.
It is a “free, open source, light-weight and easy-to-use password manager.”
For everyone who likes to optics of the 90s this tool with its interface is perfect. However it lacks of an easy way of exchanging and synchronising the data.
Enpass
Enpass comes with a desktop app (for Windows and macOS etc.) and there is also an app for mobile devices (only this costs).
The handling is quite easy and it leds you autofil the credentials for the web-accounts. This is done with a small browser-extension. This notices when you login on a website for the first time and asks you to save the credentials. It also allows you to build very strong passwords.
If you have such a “my-password-file.xlsx”-list it is possible to import all the account names and passwords. No need to do the migration manually.
(This is the tool I personally use and I am very satisfied with.)
1Password
This has more or less the same features as Enpass but you have to pay on a monthly base. There is also a business plan which is used by the IT of the UKA. (Therefor it is trustworthy.)
The advantage of 1Password is its “Family-Feature”. You can invite all your family members to 1Password and share accounts with them.
And of course you can also import the credentials from your existing password-list.
This feature can be quite handy so only one person needs to organize the credentials (maybe the parents for the kids or vice versa).
Let’s wrap up: I think password managers are a must-have. For everyone! But there is still the discussion whether it is safe to reveal all your credentials and secure notes with only one (master)password? This masterpassword has to be very strong – then you should be fine.
Check the strength of your password:
https://checkdeinpasswort.de/