Are You Using a Password Manager?

Writers Opinion Password Manager Featured

Let’s face it: remembering passwords is difficult, increasingly so, as we have to remember different, more complicated passwords for each app, website, etc.

Thankfully, there are methods that have been introduced that allow us to not have to remember them all, such as biometrics, but many people don’t trust biometrics. Another choice is password managers. Are you using a password manager?

Our Opinion

Sayak says he saves and updates his passwords in Google Sheets using a Gmail account that he never shares with anyone. He’s not concerned about a Google third-party employee happening across them, as he interned with Google and knows very few employees have access to customer data and notes it’s very tightly controlled. His system “has served me well for so many years.”

Phil keeps his passwords in an old Filofax and writes them in with a good old-fashioned pen. It has unlimited battery life, doesn’t need an Internet connection or even electricity, and he can remotely access it by calling his wife and asking her to look it up. “Digitally watertight.” He jokes if you want to steal his passwords, “you’ll have to come to my house, and I’ll be waiting with a bat.”

Damien uses Enpass password manager, “mainly because it is cross-platform compatible and can sync to any cloud storage” of his choice and not on their server. He started with LastPass, then switched to KeePass, and has now settled on Enpass.

Andrew explains he keeps his passwords mostly in his brain in a system that “makes them pop up as unique hashes but enables me to guess them within two or three tries most of the time.” If he can’t guess them, he knows it’s never a bad idea to reset passwords now and then anyway. He also uses LastPass and Dashlane for sites without highly sensitive data.

Writers Opinion Password Manager Devices

Alex sees passwords managers as “hugely useful” and believes everyone should use one. He understands the complaint of keeping all your eggs in one basket, but “the basket of a good password manager is basically Fort Knox.” Reputable password managers give users complete control over the encryption. He uses 1Password which doesn’t store encryption keys, as it’s all managed on your device. He believes when you don’t need to rely on remembering them that you become much less vulnerable to reused password and dictionary attacks.

Similar to Sayak’s Google Sheet method, I had all mine saved in an Evernote file. I kept that app locked with password/Touch ID and used my own encryption shorthand method to disguise them. But now I mostly keep other account logins and account numbers in there and allow iOS to remember them all in the cloud, which they were already doing anyway, but the system became easier with iOS 12. So basically, I guess this is using a password manager in effect.

You Opinion

Do you rely on old tried-and-true methods like keeping a list, whether digital or on paper, or use biometrics or your own brain power? Or do you use a password manager to do the work for you? Are you using a password manager? Chime in to our conversation below and leave a comment!

5 comments

  1. What happens if and when the master password to a password manager is compromised? Does the hacker have free access to all the stored site passwords?

    1. Hi, I use Enpass with vault sync on the cloud in this case Gdrive. So in order to access the vault you need to add the Google account that is already quite safe especially with 2F access. Once you have entered the cloud you recover the highly encrypted file that requires a master password. To answer you, if hacker have the master password (that is very strong) he need the encrypted file, but there is a second security layer to crack. If the hacker have master password and account data then he can see all the password.

    2. Mostly, yes.
      However, most password managers make that quite difficult and it’s recommended that you use a strong password + 2FA with them. If you’re using 2FA with anything, it should be them.

  2. I use BitWarden with a strong password and 2FA. Since it’s FOSS, I put a bit more trust in it than I would for a service like LastPass.

  3. Disclosure: I’ve been a software developer for about 25 years.

    I’ve used LastPass for almost 10 years. Just like any of your other managers, it’s only as secure as your master password and person using it. For me, so far so good. Some of the features I love and the reason I’m with LastPass.. single-use passwords, secure notes, credit card forms, server forms, database forms, and a plethora of multifactor including biometrics

    Note and in response to the negative articles: I hardly agree with “Tech” writers. I find that most have no idea, if any, what they’re talking about and often find articles plagiarized(ideas and views) from a different author on another site. With that said, you have to be a complete idiot to use a spreadsheet.. local or worse in Google Docs. I tell people all the time, USE A PASSWORD MANAGER and use a passphrase. Like a min of 10 characters.

Leave a Comment

Yeah! You've decided to leave a comment. That's fantastic! Check out our comment policy here. Let's have a personal and meaningful conversation.