Tell me, what is the password for your bank account? If you can rattle off that password without thinking, chances are pretty good it's not nearly strong enough. Any password you can memorize (unless you have an amazing memory) is probably weak.
Whether you like it or not, it's way past time you stopped using passwords like password, 12345, qwerty, 111111, 000000, iloveyou, 666666, qwertyuiop, dragon, monkey, or qazwsx. Believe it or not, that list comes from the Nordpass most common password list. That's right, even with password breaches and massive service hacks becoming the norm, people are still using such simplistic passwords.
I get it, I really do. We're all so busy we don't have time to add yet another complication to our daily workflow.
Also: LastPass vs 1Password: Battle of the password manager titans
But let me ask you a very simple question: Do you really want to prevent bad actors from accessing your accounts and services? The answer should be a resounding, "Yes!" otherwise your approach to security is not in line with modern existence.
You might think that to be hyperbole but it's not. It's 2022 and if you're still using weak passwords, it's only a matter of time before someone hacks any number of your accounts.
Consider this, according to Hive Systems, if you use password as an account password, it only takes about 5 seconds to crack it. If your password is 12345678, it can be cracked instantly. If, however, that password is an 11 character combination of upper case, lowercase, numbers, and symbols, that password would take years to crack.
Of course, at this point, you're thinking, "I don't want to have to memorize a bunch of impossible passwords." Good thing you don't have to. In fact, when you employ a password manager, you only have to memorize one password. That one password will unlock a vault containing all of those passwords you've created and are next to impossible to memorize.
Let's step back a bit.
How does this even work?
If you're new to the world of password managers, let me explain to you how they work. Think of the password manager as a safe, where you can store all of your important bits. Those bits are individual entries for all of the accounts and services you use. You'd create an entry for:
- Your bank
- Any work systems you use
In other words, a password manager keeps all of your passwords locked away in a virtual safe and only you have the key to open it. That key is yet another password but it's the only one you have to memorize. To make this even easier, if you're using a password manager on your mobile device, you can set it up to unlock using either biometrics (such as a fingerprint or face scanner) or your phone password/PIN.
Even better, most password managers include a feature called a random password generator. So when you're setting up a new account, you don't have to worry about creating a complicated, strong password. Instead, you let the password manager create the password for you. Using this feature ensures you will not only be using very strong passwords, but it helps keep you from reusing passwords from one site/service to the next. With the help of a password manager, every site/service you use will have its own strong and unique password.
If you want to keep your accounts from being hacked, that is the single most important first step you can take.
Also: 1Password review: Pretty close to perfect
But the fun doesn't end there. With some password managers, you get browser integration which means you land on a site that requires a password, and the password manager (once you enter the vault unlock password) will auto-fill the credentials for you. The implications of that are important:
- You don't have to have your browser save your password (which can be a security risk).
- You get the added benefit of using very strong passwords.
- You only have to type a single password for everything.
At this point, you're probably thinking, "But my web browser has a built-in password manager!" Although that's true, those built-in password managers aren't nearly as secure as a stand-alone password manager, nor do they include all the bells and whistles found within a good password manager. If you want the most secure browser experience, you won't ever allow your browser to save your passwords, and you'll instead use a password manager with browser integration.
Convinced yet? If not, let me spell it out for you in terms that will hopefully open your eyes to why a password manager is an absolute necessity these days:
If you don't use one, eventually one or more of your accounts will get hacked.
It's as simple as that.
So, what password managers should you consider? Take a look at what ZDNet believes to be the best password managers on the market.
What are you waiting for? Install a password manager and start using very strong and unique passwords for all of the sites and services you use.
You've been warned.
Jack Wallen: Here's how to...