How many secure websites do you log into on a regular basis? If you’re like most people, the answer is way too many to count (think: Amazon, Gmail, Facebook, Twitter, LinkedIn, your work log-in and online banking, among many others). So, here’s the real question: how do you keep track of all of your passwords?
If you rely solely on your brain, using passwords that are easy to remember, you’re definitely not alone. For example, does your password contain your first or last name? Your birth date? A Star Wars character? Is it “password?” Or 123456, the most hacked password of them all? You might even use the same password on multiple sites—considered a huge no-no when it comes to digital security, but, let’s be honest, how many passwords can you possibly remember? The scary truth when you take this approach, though, is that you leave yourself—and all of your personal information—vulnerable to malicious bots and hackers.
What’s the best way to keep your digital details safe?
Use a password manager. These applications are golden among the tech savvy because they take the guesswork out of managing multiple unique, difficult-to-crack passwords (the kind that include capital letters, lowercase letters, special characters and numbers). All you have to do is memorize the master password for your password manager of choice. It’s as simple as that: one password to rule them all.
How they work
Password managers act like encrypted, virtual vaults with one purpose: to keep your password data safe and secure from digital predators. A typical password manager will store your log-in information for different secure sites, then it will automatically log you in each time you visit that site. Many can be synced across multiple devices, including your mobile phone and desktop computer. A good password manager will even let you know when it’s time to change your password, and then scramble a new (difficult to crack) password for you. It will do all the heavy lifting, so you don’t have to.
What happens if the password manager you use is hacked? It can—and does—happen. But most password managers boast some form of encryption protection that keeps your passwords safe even in the event it does get hacked. Ultimately, though, it comes down to the lesser of two evils. And a weak password, or even a strong one that’s used over and over again, will make you much more vulnerable than any password manager ever could.
Top five password managers
So, you’ve decided to use a password manager. But which one should you choose? There are a lot of options, and (like anything on the web) they’re evolving every day. Thankfully, this is exactly the kind of information tech publications, such as PCMag and LifeHacker, regularly poll their readers and editors for all the time. Here are the current frontrunners:
Cost: Free for basic features; $16.99 per year for upgrades
LifeHacker calls LastPass the juggernaut of password managers because it led the way in password management and is one of the first of its kind to sync with all of your devices. It analyzes your passwords to determine their strength or weakness, automatically populates your information on the sites you visit and it will change your passwords on the fly when a website or app you use has been hacked. One of its greatest features is its ability to support a variety of two-factor authentication options, which ensures your information is locked up extra, extra tight. It also supports pretty much every browser and operating system imaginable.
Cost: Free for basic features; Upgrade options starting at $54.99 per year
This password manager boasts some pretty slick features: it’s available for all of Windows, OS X, Android and Apple devices, it generates strong passwords and autofills your sites, its latest upgrade supports seven languages and it can change your password automatically on 500 websites. Perhaps the biggest benefit of this password manager: its ability to store your passwords on your own computer as opposed to the cloud, which can leave you slightly more vulnerable.
KeePass is a free, desktop application that’s open-source, completely customizable and controlled by you. Your passwords are stored on your computer (as opposed to the cloud) and always within your reach, which is great if you’re concerned about them living on a third-party server. It also gives you offline access. The downside? It’s up to you to change your passwords (although it does include a handy password generator to help you come up with them) and sync them between your devices. It supports Windows, OS X and Linux, among other operating systems, and tends to be a darling among the technical sect.
Cost: Free on mobile; $89.99 for desktop
The most aesthetically pleasing of the bunch, 1Password does everything the other password managers do and it looks pretty great on every platform and browser it runs on. One of its prized features: a digital wallet for bank accounts and payment information. You can choose to use it locally or sync it with all of your devices. And, like the others on this list, it supports most operating systems and browsers.
Cost: Free on mobile
RoboForm is an oldie (it’s been around since 1999), but a goodie (its long history of good security cannot be discounted). It doesn’t boast all the bells and whistles of its competitors, but it is one of the easiest password managers to use. Like 1Password, it offers the option to keep your information local or sync it across your devices. It also has a handy bookmarking function that allows you to keep track of all of your secure sites in one place.
This article is intended as general information only and is not to be relied upon as constituting legal, financial or other professional advice. A professional advisor should be consulted regarding your specific situation. Information presented is believed to be factual and up-to-date but we do not guarantee its accuracy and it should not be regarded as a complete analysis of the subjects discussed. All expressions of opinion reflect the judgment of the authors as of the date of publication and are subject to change. No endorsement of any third parties or their advice, opinions, information, products or services is expressly given or implied by Royal Bank of Canada or any of its affiliates.