Password Managers: The Best Way to Protect Your Accounts
How do I manage so many accounts? What do I do when there is a data breach at a service I use? What happens to my online accounts when I die?
The fact is that as we continue through this new enlightenment and age of connectivity, the need to manage more accounts is going to be greater. Password management tools allow you to be more secure without burdening your brain with pneumonic devices to remember all of your quirky log-in credentials.
This article is a primer for families and individuals which will provide a foundation of knowledge and best practices so you can be better protected while conducting yourself online.
Password Manager Guide
What is a password manager? A password manager is exactly what it sounds like- a piece of software which will curate, collate, catalog, and otherwise be your complete resource for all password management. You can read our full guide to password managers here.
Beyond passwords, they can also store any data you need for use online. This includes credit card numbers, PINs, CVV/CID codes, account numbers, routing numbers, answers to security questions, or anything else you wish to put into a secure note.
All legitimate password managers include encryption that is so strong it is near impossible for a hacker to compromise it. In fact, LastPass was “breached” in 2015 but the hackers were unable to crack the master password for its encryption so consumer data remained unscathed.
Why Use a Password Manager
The benefits of using a password manager are quite simple:
- Secure passwords which can be auto-filled as needed
- Only need a master password and no longer need to remember all of your log-in details for all accounts
- Can save credit card numbers, PINs, and CVV codes
- Can save answers to challenge/security questions
- Can save secure notes and form-fills for other data you wish to secure
- Automatic changing of your passwords with a single click
- Military grade encryption protects all of your data
What Else Can Password Managers Do?
Using a password management tool allows some additional flexibility in your online best practices. Here are a few things to consider:
- Using a new email address for each of your accounts
- Storing notes on your accounts with instructions or reminders
- Create authorized users or emergency access codes
- Store your credit card and payment account data without needing it to be cached in your phone, tablet, or browser
What is the Best Password Manager
Best is a subjective term so we leave some of the decision making up to your personal preference for the user interface, features, and ease of integration into your life. However, we recommend sticking with the name brands. Due to their larger operations, staff, and budget, they have the best defense against bad actors. Here is a list of the ones we feel most confident in include, Last Pass, 1Password, Dashlane, & Sticky Pass.
Each of these brands offers syncing across devices/platforms/operating systems and are well integrated into smartphones. You can read more about each in our definitive guide to password managers.
Last Pass
Last Pass is a premium service provided by LogMeIn, a leader in enterprise security service. It has a robust suite of password and secure data management and offers a 2FA authenticator which can be used for added security of your accounts and credentials.
- Encryption AES-256 bit with PBKDF2 SHA-256
- Free Option: Yes
- Premium: Starting at $2/mo
- Team/Sharing: Yes
- Lifetime License: No
- Browser Extensions: Chrome, FireFox, Safari, Edge, Opera
- Native Apps: iOS, Android
- Automated Password Reset: Yes
Dash Lane
Dash Lane is a full-service security suite which incorporates password management, secure notes, a VPN service, and identity theft management. It is a robust solution for those who are looking for an all-in-one product.
- Encryption AES-256 bit with PBKDF2 SHA-256
- Free Option: Yes
- Premium: Starting at $5/mo ($10 for premium plus)
- Team/Sharing: Yes
- Lifetime License: No
- Browser Extensions: Chrome
- Native Apps: iOS, Android
- Automated Password Reset: Yes
1Password
One of the original password managers, 1Password received early adoption from iOS users and continues to have a strong offering in the space. Though this is the only one of the big 4 which does not offer a freemium version.
- Encryption AES-256 bit with a 128-bit identifier
- Free Option: No, 30-days
- Premium: Starting at $3/mo
- Team/Sharing: Yes
- Lifetime License: No
- Browser Extensions: Chrome, FireFox, Edge, Safari
- Native Apps: iOS, Android
- Automated Password Reset: No
Sticky Pass
Founded by the team which created AVG Antivirus, Sticky Password rounds out the “big 4” of password managers. It is supported by a large team of tech savants who consistently assure that its encryption and its user experience are cutting edge.
- Encryption AES-256 bit with PBKDF2 SHA-256
- Free Option: Yes
- Premium: Starting at $2.5/mo
- Team/Sharing: Yes
- Lifetime License: $150
- Browser Extensions: Chrome
- Native Apps: iOS, Android
- Automated Password Reset: No
Password Manager Comparison Chart
For those looking to know a bit more detail about password managers, we have created the below chart which you can filter and search as needed.
You are trying to load a table of an unknown type. Probably you did not activate the addon which is required to use this table type.
Advanced Uses Of Password Managers
Utilizing these tools can be useful not just for security but for your digital estate plan and family governance needs. Here are a few advanced ways to use your password manager-
Increased Security: Multiple Email Addresses
Using a new email address for each of your accounts, or segregating your accounts by type and using a few different email addresses adds even more security to your accounts. People can easily guess that your email may be “JoeSmith1960@whatever.com” but creating a protocol for emails, especially if using a private server, gives you an incredible amount of anonymity.
Recommended Email Strategy
Specifically for family offices, we recommend taking an advanced strategy with your email and password management. Create a prefix for each family member and a suffix string for email accounts. Then utilize a password manager to generate a secure password and save the accounts. Essentially creating serial numbers for your accounts. For example:
Email Strategy Case Study
Consider this fictional example of how to deploy an advanced email security strategy.
Note that this type of strategy is meant to secure online accounts, not for managing the deluge of correspondence received during the course of our daily lives.
This type of structure also helps transition assets in a digital estate plan.
John David Smith is G1 and setting up his online accounts as part of his digital estate plan. John’s family elected to utilize initials as the prefix schema. This allows the family to quickly identify accounts created for, or for the benefit of, John.
SUFFIX: JDS
Suffixes assigned to designated account types based on general categories:
- 1XXX – Personal Finances
- 2XXX – Social Media
- 3XXX – Shopping & Disposable
- 4XXX – Business Related Log-Ins
When combined, the prefix & suffix schema create a schedule of accounts which the family or the office can track. This is quite useful when planning the transitions of your digital assets within your estate plan.
- “JDS1001@family.com” for primary banking
- “JDS1002@family.com” for brokerage account
- “JDS2001@family.com” for social media account
Digital Estate Planning: Account Access
Many people do not ready the End User License Agreement (EULA) for their favorite digital content provider like iTunes, Spotify, Amazon Kindle, etc. So, you may be surprised to know that the media you “purchase” is unlikely to transfer ownership to your spouse or next of kin–unless you specifically plan it in your will.
In addition, without specifically giving someone authority to access your account, their using your username/password can void the EULA. So, aside from stipulating transfer of these assets, you will need to be able to pass the log-in credentials. Password managers make this easy.
Account Transfers
Some password management tools allow you to share log-in credentials for sites. So spouses can access the same accounts or an attorney can have admin access should they need to access it. For providers that do not offer this functionality, there is still a lot of value added to your digital estate planning. In these instances the recipient, be it spouse, partner, attorney, or child, can be given a single user name/password combination to access the account.
Emergency Access
In the event that you are incapacitated, your medial POA, attorney, or spouse can access your account with an emergency log-in code. Furthermore, if you have made provisions in your digital estate plan and shared your master credentials, they can directly access your password manager and gain access to the necessary accounts.
This is a great tool to assure the household continues to run smooth; bills are paid, investments are watched, etc.
Account Transfer Case Study
Consider this fictional example of how to deploy a password manager in a digital estate plan.
John David Smith creates his log-in ID and master password for his LastPass account. After linking all of his accounts to it, he stipulates in his will that access to his digital vault be passed to his next of kin.
Upon John’s expiration, his partner (or next of kin) would have access to the password manager and all of the account log-in credentials; eliminating one of the biggest stressors in spousal or generational transfer.
In the event that John becomes incapacitated, his account vault can be accessed using an emergency access code or protocol. This will assure that healthcare data or insurances can be accessed, bills can be paid, correspondence kept up with, and otherwise assure the household runs.
What Is Multi-Factor Authentication?
Multi-Factor Authentication (MFA) is an added layer of protection which secures your account beyond just a password. The most common MFA is two-factor authentication (2FA). It sounds complex but it simply refers to providing two types of validation in order to access an account.
A common example is your ATM card. You insert the card to access the account and your PIN to authorize the transaction. In cyberspace, this is usually a combination of a password and either a text code or biometric verification, like your thumbprint.
How Does Multi-Factor Authentication Work?
In the easiest of terms it combines-
- something you know (like a password)
- something you have (like your phone)
- something you are (like your thumbprint)
Why Use Multi-Factor Authentication?
By utilizing even a basic two-factor authorization (2FA) process the security of your accounts is greatly improved. In fact, it is the top thing which security experts recommend for improving your cybersecurity, according to a Google Security survey.
What If A Website Does Not Have MFA?
Most websites, particularly financial institutions, have enabled 2FA or MFA protocol. Even larger, slow to change corporate institutions have been rolling out MFA options for account security.
If your institution does not offer 2FA or MFA, be sure to specifically ask for it. They may surprise you and implement it. Of course, you can always check the registry of MFA enabled websites to find an alternative platform.
What Is An Authenticator?
An authenticator is an application or device which provides a code which can be used in the multi-factor account access process.
Originally, authenticators were relegated to the corporate world in the form of a hard token. It was a keychain device which scrolled a random code which was entered when logging into a PC.
Now, authenticators come in the form of phone applications which adds convenience and reduces the administrative costs of deploying an MFA protocol.
How Do You Use An Authenticator App?
The process for using an authenticator is easy. It is installed on a smartphone, websites are added, and you’re done!
Here is a quick overview of the entire process:
- Download the application
- Connect it to a website or software which supports MFA or 2FA
- Use the app each time you need to log-in
Top Authenticator Applications For Download
There is no shortage of authenticator options. However, we prefer to keep things simple and recommend the larger and best-maintained tokens. These include: Google, Last Pass, Microsoft, and YubiKey.
Last Pass
If you already use
Last Pass Authenticator
- Cost: Free
- One Tap / Push: Yes
- QR Supported: Yes
- Native Apps: iOS, Android
- Browser Extension: Chrome
- Hardware Accessory: No
There is no surprise that Google would have a topnotch app which is easy to use and works on multiple platforms. Nothing fancy here. Just a stable application which
Google Authenticator
- Cost: Free
- One Tap / Push: No
- QR Supported: Yes
- Native Apps: iOS, Android
- Browser Extension: No
- Hardware Accessory: No
Microsoft
Microsoft has a great app which is also the standard at the enterprise level. If you have are used to using this for your work functions, it will do a similarly fine job for your private life.
Microsoft Authenticator
- Cost: Free
- One Tap / Push: Yes
- QR Supported: Yes
- Native Apps: iOS, Android, Windows 10 mobile
- Browser Extension: No
- Hardware Accessory: No
Yubico
in 2011 Yubico moved its HQ to Silicon Valley and the rest is history. They offer the best device-based security system for consumers and enterprise alike. What we love even more is that the price point remains low.
YubiKey
- Cost: $45
- One Tap / Push: Yes
- QR Supported: Yes
- Native Apps: iOS, Android
- Browser Extension: No
- Hardware Accessory: Yes
Additional Learning
As you continue learning about managing property risk, the additional chapters in our guide will prove to be invaluable resources.
Check back for our PROPERTY RISK analyzer
Check back for the release of our property risk analysis tool.
Additional Learning
As you continue learning about managing your personal cyber risk, the additional chapters in our guide will prove to be invaluable resources.
Be the first to KNOW
Get Breaking News, Trends, and Advice
privateRISK.org