Archives - Password Management

Log out of websites and apps when you’re finished

It’s very convenient to stay logged in to a website or app, but it creates some security risks. Attackers may be able to impersonate your session ID and hijack your account. When you’re finished, log out and use a password manager so it’s easy to log back in.

If Google warns that your passwords have been compromised, change them immediately

Google will notify you both in Chrome via pop-up and through email when any of your saved passwords are compromised. Change them as quickly as possible to prevent personal information from being leaked. It’s worth noting that you have to change passwords on each individual site where they were compromised. Passwords are most easily compromised […]

Don’t recycle passwords, use a unique password for every account

Reusing the same password across accounts means that if it’s stolen even once, everything from your personal email to your Facebook could be hijacked. Also, the most frequently reused passwords are easily guessed, such as “password” and “123456.” Use a password manager to produce and securely store strong, unique passwords for every login.

Don’t trust an account that claims it can recover your password

An account should not be able to recover your password for you. Your password is encrypted and known only to you. If you lose the password, the service associated with the account should reset it and send you a new password that you can then change. If the service says it can recover your password […]

Use passphrases

The longer the password, the better. That’s why using an entire phrase instead of just a word is ideal. Instead of coming up with a nonsensical series of numbers, letters and characters, you could come up with a phrase that’s equally strong and much easier to remember. Like, Tacos Are The Best! or, everyone-loves-a-good-rainbow.

Only use well-known password managers

Scammers may invent fake password managers to trick people into giving them their passwords to sensitive accounts. To avoid this, only use password managers that have an established reputation and have numerous customer reviews, like Dashlane, Keeper or LastPass.