Question Of The Week: What Is A Password Manager & Why You Need It
What is a password manager? And why do you absolutely need it in this hobby? Our question of the week this week is a bit different. Rather than directly answering the question, we will look at why the question matters. I have a feeling many people might be unfamiliar with this topic. We’ll look at what a password manager is first, then the many reasons why you should have one. After that, we’ll cover some of the most popular, so you know your options.
The Question
Our question of the week comes from Ilene in our Facebook group:
While the question is simple (“What’s your favorite?”), I have a feeling many are wondering “what is a password manager?” I happen to find them absolutely critical for anyone in our hobby. Rather than answering the question, I’d like to expand on it.
What Is A Password Manager?
Cybernews has a good article on how password managers work and the various types of technology involved. Simply, a password manager is this:
A password manager is a site or app where you securely store all of your passwords, and instead of remembering all of them you only need to remember 1 password–the password used to access this list.
Think about just how many passwords and accounts you have in this hobby. You have a log-in for Citi, Chase, Amex, Barclays…the list goes on. You may even have a separate log-in for a personal and a business card with some banks. Then there are the accounts for your spouse. That’s a lot of user names and passwords to remember. I bet you have at least 20 log-ins for all of your financial stuff.
And since remembering all of that is difficult, what do most people do?
Most people use the same name and the same password for everything. Or your work uses a very simple password so that everyone can remember it. Yikes. That’s how Equifax got hacked–the password was just ‘admin’.
Why You NEED A Password Manager
Using the same name and password is a horrendously dangerous thing to do. It’s bad enough that if someone gets your user name & password they could take a flight somewhere using YOUR airline miles.
The first thing online thieves do after finding someone’s password is try it on other sites. If you’re using the same name & password, it won’t be long until they access your social media & bank accounts. If you were upset at the idea of someone taking your miles, wait until they take your money.
A password manager avoids these 2 things. It fixes the headache of being safe through having a zillion passwords and fixes the security risk of being simple by using 1 password everywhere. You can have a new, unique password for every site you visit, saving them in a password manager. You don’t need to remember any of them. Just remember the 1 password to access your password manager!
Even people who don’t participate in this hobby should use a password manager. It’s just good sense. You shouldn’t use the same password everywhere, but if you have a ton of passwords, how do you remember them? I visited my parents recently and found that they had a sheet of paper next to the computer with all of their user names and passwords for various sites. Oof. Think about what the wrong person could do with that paper. I got them registered for a password manager and shredded that paper to avoid it falling into the wrong hands.
Simply put: you absolutely should be using a password manager in this hobby, so you can practice safety without headaches. This will keep your points, miles & (most importantly) money safe.
Popular Password Managers
Now we are ready to discuss some good password managers. Let’s start with the 2 mentioned in Ilene’s question.
- LastPass – famous for ease of use , you log into the website or use the browser extension to automatically fill in your name and password for the website you’re visiting. The free version only allows you to use 1 device (mobile or computer).
- Dashlane – known for a ton of extras and great security, it also comes with a hefty price. The free version is super limited, in order to get you to sign up for the paid version.
- Bitwarden – not great for those on iOS, but those using Windows will love the security. Its 2-factor authentication is easy and adds extra security without breaking the bank.
- McAfee True Key – if you’re looking for a name you recognize, McAfee has an option with minimal features that works on most browsers.
- KeePassXC – for those seeking a free, open-source version, this is for you. It has good features, but it can be frustrating for anyone without advanced computer skills.
- 1Password – the website is very easy to use, but the browser extension is a bit tricky. The key perk is the ability to create virtual credit cards for use when shopping online.
You can read reviews and comparisons of these plus other options here and here.
To get the most out of a password manager, know up front that you’ll probably pay something for it. The best features–including searching the dark web for leaks of your private info + sharing secure information with family members inside a ‘vault’–aren’t included in free versions. The vault is a good place to save things like credit card numbers, insurance policy information, scans of your passport in case it gets lost, etc. That way, it’s available any time you’re connected to a computer. And because these programs operate on military-grade encryption, it’s safe to keep your information there.
Final Thoughts
Using a password manager is a bare minimum for online security these days. Some of them are better than others, but they all accomplish the main goal: you have the security of not using the same password all over the internet without the headache of remembering those many passwords. ESPECIALLY in this hobby, where we have a zillion accounts that lead to important financial information, you should be using a password manager. If you aren’t, you should change that immediately.
Lower Spend - Chase Ink Business Preferred® 100K!
Chase Ink Business Preferred® is a powerful card that earns 3X Ultimate Rewards points in a broad range of business categories on the first $150K in spend per year. Right now earn 100K Chase Ultimate Rewards points after Learn more about this card and its features!
Opinions, reviews, analyses & recommendations are the author’s alone, and have not been reviewed, endorsed or approved by any of these entities.
[…] This content was originally published here. […]
I’ve never used a password but your article has peaked my interest. I’m asking for clarity as I’m ignorant of password managers, but if a site such as most banks have 2FA, in your opinion, is that enough even if someone actually found your user name and password?
Reason I ask is most lenders that I use, BoA, Chase, Citi, Chase, etc will require that I respond to a text sent to my cell to authenticate myself if they’ve detected that I’m logging in from a new device/unusual location.
Again, asking for clarity, not challenging the need or use of a password manager.
Thanks in advance for entertaining my question. Great article!
Yes, this is an extra layer of security and can prevent someone getting your password and logging in pretending to be you. This addresses a different problem, which is “if someone has my password, can they log in as me?” A password manager addresses a different problem, which is the fact you should use different passwords on every site, but now it’s impossible to remember all of them. 2FA and a password manager address different problems. You should honestly be using both 🙂
I still do not understand why Roboform does not make this list! Been using it for almost 20 years, best piece of software ever written for password managers imho. Maybe they need to do better marketing.
I’ve never heard of it. Just sent a text to my friend who works in IT security, and he said he’s never heard of it either.
A great article. I’ve asked about password managers on other sites but only get crickets chirping in response to my questions.
What happens if the password manager gets hacked? Do they carry some kind of insurance that will make me whole if my bank and rewards accounts are drained?
I use Apple for a phone and PC for my notebook. Will most or all cover both?
Is there one that you’d suggest for friends and family in the US?
Thanks. Your writing tends to have a lot more practical applications than some others on BA and I’m sure I’m not alone in appreciating that.
Christian – I appreciate the compliment.
I personally use LastPass and am most familiar with it. I also used 1Password in the past.
With LastPass, the down side is that they just removed the ability to use multiple devices from the free version. You have to choose what device you want to be able to log in from, and nothing else works–unless you have a paid plan. However, I set up a family plan, which I find worth it. It covers Mac and PC products, mobile & desktop.
Here is their info on what happens if they get hacked – https://www.lastpass.com/security/what-if-lastpass-gets-hacked
I don’t see any mention of insurance, to address that question specifically.
What are your thoughts on the password manager built into Chrome/Android?
Greg – You’re talking about the ‘save this password’ ?