The number of places we log into on the internet has grown into the hundreds. Keeping track of all the passwords is challenging. So what do we do to make it easy? Do we make all our passwords the same? Do we set up a couple of different passwords to use? I really hope you answer NO to both of these questions.
The internet is a vast open land of wild west cowboys, and it is highly likely that your password will slip across the internet in an insecure way that allows others to see. So it’s vital that you never use the same password on two different sites. Breaches happen every week on the most secure of websites. The most trusted companies from Ameritrade to Target have experienced them.
To keep our sanity and security, the only real solution is to use a Password Manager AND a Two-Factor Authentication app.
The “Old Way” to Keep Passwords Safe
If you’ve ever seen WarGames, you’ll remember the exact scene when Matthew Broderick’s character, David Lightman, finds the password he needs to change his grades in the school’s computer. This is how people saved passwords in 1983. Sadly, some people still do this today.
What is a Password Manager?
A password manager is a software tool that holds all your secure information in an searchable organizer that only you have access to. Think of it as a Rolodex of your passwords. A password manager can save your login information, your passwords, your social security number, credit card numbers, and any other details that you don’t want others to know about.
All the information in a password manager is kept secret using a very secure master password AND two-factor authentication. The combination of these two things is what makes your password manager secure. If you are only using one of these things (e.g. a longer master password WITHOUT two-factor authentication) you are still secure, but not as secure as using both options.
Some of the leading Password Manager apps:
What is Two-Factor Authentication?
Two-factor authentication, also called 2FA, is an additional way for a computer to verify that you are who you say you are. There are multiple ways that websites will institute this:
- Via text: they will send you a confirmation code that you need to type in
- Via phone: they will call your phone to give you a confirmation code to type in
- Via an authentication app: type in a continuously changing 6-digit number (best way)
You may be familiar with the first two options above, but the 3rd option (using an authentication app on your smartphone) is the most secure way. There are several programs that do this. Here are some of the leading programs I would recommend:
- Authy – easy to use and available on all major platforms, plus has backup options, this is the most popular and widely-used 2FA among geeks (has been the gold standard for years)
- Google Authenticator – also a very good product, but sometimes we don’t like having EVERYTHING in Google’s hands
- Microsoft Authenticator – see the same comment for Google Authenticator above
I highly recommend using a Password Manager and a Two-Factor Authentication app. It will dramatically reduce the chance of someone breaking into your banking websites and personal data.
I personally use the free versions of Bitwarden and Authy. I’ve used LastPass for many years, but LastPass is restricting the use of their free version starting next month. I migrated to Bitwarden last week, and after using it, I wish I migrated sooner. Bitwarden is faster, easier-to-use, open-source, and it even has built-in 2FA. I’m not using Bitwarden’s built-in 2FA yet but will be reviewing it later this year.