Crowley is the Head of Research and Penetration Tester for IBM's X-Force Red.

As mentioned, using weak, easy to guess dictionary passwords such as LionelMessi1960, HokageNaturo123, pusheenCat45 will not help protect your account from a potential account takeover. It also does not help your case if you reuse the same password on multiple services like Netflix, Instagram, and American Express. 

What will help is having strong and different passwords for each site you use. The only problem with that is a password such as @jSSb43jQmpf3&G% is not very easy to remember. 

But don't sweat it, because there is a tool that can not only generate long hard to guess passwords, but it can also store them for you. This tool is called a password manager.

What is a Password Manager

The main features of password managers have:

  • They generate long hard to guess passwords
  • They store the long passwords and usernames in a "vault" to autofill your login prompts
  • They require that you have a master key to access your "vault"

The whole point of password managers is to manage your passwords, so you do not have to. This means generating your password, storing them and granting you access to change the logins at any time.  Which is a great solution to not have to reuse simple passwords on all your social, financial and medical accounts. 

Password Managers: Features

A password manager can help when it comes to online password health by:

  • Creating long hard-to-guess passwords on the fly
  • Storing your passwords so you can automatically sign in

Take a look at the screenshot below, demonstrating how quickly it is to generate a password using a password manager. Right after the password is generated, a prompt asking to store the password will be immediately shown. This will store the password and next time the user logins into their account, the login will auto-populate. Yay for computers! 

Demo of 1password generating a long password for a user account

Password Managers: The Master Key to Rule Them All

The master key is the mother of all passwords. It's also a bit tricky to make, since, ironically, it's one you are recommended to remember, but it also needs to be secure. To better explain what to include in your master key, here is an excerpt from Lastpass (a password manager) on what they believe makes a great master key: 

  • Use a minimum of 12 characters, but the longer the better
  • Use upper case, lower case, numeric, and special character values
  • Make it pronounceable and memorable, but not easily guessed (e.g., a passphrase)
  • Make sure that it is unique only to you
  • Never use personal information
  • A good example is: Fidoate!my2woolsox

Some password managers such as 1password even provide an adorable emergency kit where you can prepare a PDF with your master key in case you cannot log into your account. What 1password recommends you do with the PDF is to:

  • Print a copy to keep in a safe deposit box or with your passport or birth certificate.
  • Write your Master Password in at least one printed copy of your Emergency Kit.
  • Save it to your personal cloud storage, so you always have a digital copy available.
  • Give a copy to someone you trust, like your spouse or someone in your will.
The emergency Kit 1password provides for users

Password Managers : Summary

Let's summarize the importance of password managers:

  1. They can help create long passwords on the fly so you don't have to.
  2. They store your long passwords and usernames to autofill the login prompts when you visit the sites
  3. They all require you to memorize a master key which is the only key you will need to access your stored logins

This guide was first published on May 24, 2019. It was last updated on Mar 08, 2024.

This page (What is a password manager and how they can help) was last updated on Mar 08, 2024.

Text editor powered by tinymce.