A quick and easy introduction to Password Managers

What was my password again?

It could be quite tempting to create a simple and easy-to-remember password. Back in 2016, Wired had reported that the two most commonly used password on the web for 7 years running were – “123456” and “password”. Insecure, weak and predictable passwords are still used till this day. It could be even more tempting to keep the same password for each and every account created.

In the previous blog post, we discussed what phishing emails are and the potential outcome of providing your password to a cyber criminal. As a quick reminder, phishing emails refer to a malicious attempt to try and trick a user from doing what the scammer wants to achieve (such as stealing your credentials). A company could also suffer a data breach which discloses your own credentials. The list of unfortunate scenarios which could end up with your password being leaked online are endless.

The moral of the story is that if all your accounts share the same password, anyone with malicious intent who has also obtained such sensitive information is now able to access several of your accounts.

What should you do?

It is important to create a different, unique and strong password for each and every one of your accounts. However, the challenge is remembering all the different passwords whilst knowing what makes a good/secure password in the first place. This is where a password manager can help.

What is a password manager?

Think of this as an application which is responsible for storing all of your credentials. All you have to do is remember one master password which grants access to your password vault.

The master password should be long and unique. One recommendation is to make your master password a passphrase (i.e – a long password which is made up of multiple phrases or words). Remember though, if you forget it, you will not be able to access any of the other passwords stored in the vault.

Benefits of a password manager

Generation of strong passwords – In order to create a strong and secure password, there are several requirements one should follow. Examples of these may range from: 8 characters or more, combination of letters, number and symbols, upper/lowercase, etc.. Through the click of a button, all the heavy lifting is done by a password manager and a complex password is automatically created for you. (as will be later explained in Section 3B).
No need to memorize different passwords – There is no need to remember each and every password for all your accounts. Instead, all you have to remember is the one simple master password that is set to authenticate into your password manager.
More than passwords – Additional information can also be stored besides passwords. This could range from any sensitive notes, passport details, wifi passwords, bank account details and so much more.
Reducing the overall risk – If during the unfortunate event a cyber criminal is able to steal your password, they wont necessarily be able to also gain access to your other accounts (due to different passwords created). Obviously, this is not a full-proof method but could be viewed as an additional layer of security.

For the rest of this blog, I will be discussing a free Password Manager called Bitwarden. There are obviously other types of password managers (both free and paid – which offer their own benefits).

Tutorial:

Section 1A will explain how to install Bitwarden on your desktop/laptop, whilst Section 1B discusses the same procedure, however this time on your mobile phone.

Section 2 shifts its focus on how to even set up the password manager and create your own account.

Finally, Section 3A focuses on how to store your passwords whilst Section 3B concludes with showing an example of how Bitwarden can generate a strong/secure password for you.

Section 1A – Installing the password manager – Desktop/Laptop Option

Navigate to https://bitwarden.com/
Select the ‘Download’ button
Select your Operating System
Run the ‘Bitwarden-Installer..’ exe
Click ‘Install’

Section 1B – Installing the password manager – Mobile Option

Search for ‘Bitwarden Password Manager’
Click on ‘Install’

Section 2 – Setting up the password manager

Once installed, the next step would be to create an account by entering your email address and also creating a master password. This provides you with access to your vault, allowing you to generate passwords for each of your different accounts.

Click on the ‘Create Account’ button
Enter the credentials and click ‘Submit’

Section 3A – How to store passwords

This example shows how easy it is to store a password for one of your accounts. (note – the URL entry is optional which lets you state the name of the website for the password you are storing)

Click on the ‘+’ button
Enter credentials + click save button
Password is now stored in the vault

Section 3B – Generation of a Secure Password

As already explained, a secure and strong password can be generated through the simple click of a button. As can be seen in 2nd image below, specific characteristics such as the length and characters can also be set. This can then be used as one of your new passwords

Click on the highlighted button to generate a password
Possible options to select. Click on the tick button to save

Other features can be set such as authenticator keys, automatic launch of the website with provided credentials to login, etc.. However, for the purpose of this blog post, the idea is to show you how easy it is to install, set-up and store all of your passwords within a password manager.

Wrapping it all up

It might seem like a bit of an effort to stay setting this all up. However, in the long run, it’s actually simplifying your life. There is no need to stay creating different passwords for all your accounts and struggling to remember them. Even worse, you can avoid creating the same password for all your accounts which puts you even more at risk!