Password Management

Long, strong passwords are what keep hackers out of your social media accounts and bank accounts; however, if you find yourself writing them down, on paper or in an app, you’re more vulnerable than ever to potential identity theft or account takeover. There’s no need to be discouraged, though! Follow these five steps to achieve effortless password management and rest easy knowing your passwords are safe and sound.

It’s hard enough to remember your most-used passwords (and even harder when you’re changing them every 90 days), but it’s downright impossible when you’re required to keep track of dozens or hundreds of accounts. That’s why, if you haven’t already, it might be time for you to consider using a password manager tool like LastPass. With a password manager, you only need to remember one master password—the one that unlocks your digital vault—to unlock everything else. You can then assign unique passwords and change them as often as you see fit without thinking twice about doing so. These programs do everything from encrypting your passwords so no one can access them to generating random alphanumeric strings as new login details. They also sync up across all devices, meaning you only need to manage a single set of logins and passcodes. Want some examples? Check out 1Password or LastPass; we like these services because they let us secure our logins with an added layer of encryption and allow us to store key information (like credit card numbers) directly in their databases.

It’s a fact of life: passwords get hacked. If you have one password for your banking, another for your email, and another for Facebook—well, there’s a pretty good chance at least one of them will get stolen. It doesn’t matter how strong your passwords are if they’re all being used by you! That being said, it can be hard to remember unique passwords for every website. The solution? Use a password manager.

Don’t let a system force you into a situation where you have to reset your password every so often. If possible, use a system that doesn’t expire passwords unless there’s been a major breach or other problem. This way, there’s no need for you to change it too frequently—and you can keep track of all your old passwords and know they’re still valid. This is ideal, but many websites don’t offer an option like this. We recommend using unique passwords on each site you sign up for, instead of using one master password everywhere. Make sure it includes numbers, upper- and lowercase letters, punctuation marks (where available), and even spaces if your system supports them. The longer it is, the better protected you’ll be.

A lot of accounts—like Gmail, Facebook, and Apple ID—offer a second layer of security known as two-factor authentication. It’s a simple step, but one that helps protect your account from hackers. Two-factor authentication means that in addition to entering your password, you will need an extra piece of information before you can access your account. In some cases it’s a simple text message with a code; in others it might be a physical token or key fob device. Either way, once turned on, no one can get into your account without both parts.

Setting up security questions is a great way to make sure no one can access your accounts if you ever get locked out. Some banks, for example, require account holders to include personal information in their security questions, which prevents hackers from looking up your answers online. This is especially important for bank accounts that have PINs attached—if someone were able to reset your password on these types of accounts, they could potentially withdraw all of your money before you even knew what was happening. So add some unique security questions and answers to each of your accounts.