Accucom Blog
How to Get Your Passwords in Order, and Keep It That Way [Part 4 of 5]
This is part 4 of our 5-part series on getting your digital life in order! So far, we’ve discussed the importance of using strong, unique passwords for all of your online accounts, how to establish a primary email address so all of your accounts are tied to a single inbox, how to set up MFA to secure that email and your other accounts, and finally, we’re going to discuss setting up a password manager and going through the process of logging all of your accounts into that password manager.
Here’s where we are at:
- Create a few strong master passwords
- Choose a primary email for your accounts
- Secure that email with a new, strong password
- Choose a Multi-factor authentication app
- Set up Multi-factor authentication on your primary email
- Select and set up a password manager
- Update every account, secure it, and log it in the password manager
- Delete old passwords stored in your browser (or in Word documents, spreadsheets, sticky notes, or anywhere else)
- Maintain the course!
Set up a Password Manager
A good password manager will make the rest of this process a whole lot easier and will be your best friend when it comes to getting you into your accounts.
Over the last few years, dozens and dozens of password managers have been developed, and while each one will have its own pros and cons, there are a few good ways to narrow down what you should use.
The first option to look for is whether or not the password manager works on the devices you use. If it only supports iOS and MacOS, but you use Windows and Android, then it’s not a good fit for you. It won't be very useful to you if it doesn’t seamlessly work across all of your devices.
If your employer provides you with access to a password manager, there’s a chance that you are also able to get a personal or family account through your employer for free. Not every password manager offers this, but several do as a perk. Most password managers are a few dollars a month for premium services—it’s not much, but if you can save $30-to-$50 a year because you get a free personal subscription from work, go for it! However, you DO NOT want to use your work account to store personal passwords! Keep them separated!
Here are some of the leading password managers on the market as of 2024:
Keeper Password Manager - Keeper works on nearly every platform, including Windows, Mac, Linux, Android, and iOS. While there isn’t a free version, you can try a free trial, and there are family plans, business plans, as well as special pricing for students, military, and medical users. If your company uses Keeper, you can get a free personal account.
Learn more at https://www.keepersecurity.com/
NordPass - Nord is a company that specializes in user security, and their password manager has been getting very high review scores. It supports iOS and Android, as well as 7 of the most popular web browsers. There is a free version, however, we urge users to consider the Premium or Family plans for added security and features.
Learn more at https://nordpass.com/
1Password - 1Password has been around for a while and has a proven track record. It works across Android, iOS, and most browsers. It offers a 14-day free trial and plans for individuals, families, and businesses.
Learn more at https://1password.com/
Dashlane - Dashlane is a little pricier than the other options (on average, the personal plan is about twice as much as the competition). Still, Dashlane started out as a business-centric password manager first. If your company already uses Dashlane, employees can get a personal license.
Learn more at https://www.dashlane.com/
Semi-Honorable Mention: LastPass - LastPass has been around for a long time, and works on iOS and Android, and can be installed on most popular web browsers. The free version only works on a single device. Unfortunately, LastPass suffered from a bad data breach back in 2022 and early 2023. They take security seriously, but how they handled this security breach disappointed us.
Most of these password managers are similar for most home users. However, for businesses, there are definitely some big differences that you’ll want to weigh when it comes to equipping your employees with a centrally managed password manager. We can help your business make the right choice—just call us at (02) 8825-5555.
Once you choose your password manager, setting it up is pretty straightforward. Use your primary email address to make the account, and create a new, complex password that you’ll use to log in.
This is the password you’ll need to memorize, but it’s also the password that rules over all of your other passwords, so complexity is extremely important. Use our suggested method from Step One, where you string several random words together, and then utilize capital letters, numbers, and symbols.
Follow the password manager’s instructions for securing the account, setting up MFA (keep in mind that it’s sometimes referred to as 2-factor authentication, multifactor authentication, MFA, or 2FA), and making sure your account is in good standing.
You’ll also want to set up your subscription for the password manager so you get all of the premium features. Most will have you set this up while subscribing to the free trial.
Finally, you’ll want to install your new password manager on the devices you regularly use, and sign into it. Most of the time you can download the app for your password manager from the Google Play Store or Apple App Store.
Go Through All Your Accounts, Update Passwords, Secure Them, and Log Them Into Your Password Manager
This is the big step.
We recommend you grab a snack and a drink because, depending on how many accounts you have, this can take a while. Pace yourself and take your time—it’s better to be thorough.
You are going to learn something about yourself with this task—I certainly did. I learned that I had well over 300 different logins, and you’ll likely discover that you had more than you thought you did.
There’s sunshine at the end of the tunnel, though…
Once you have everything properly documented and logged in your password manager, keeping things maintained and organized is infinitely easier. You’ll never have to do this again if you take your time and commit to it.
If, down the road, the password manager you selected goes belly-up and you need to move away, all of the managers we suggested will let you export your passwords and move them to a new solution.
I made this switch a year ago over the holiday break, and it took me a solid two days for all of my accounts. It was a nightmare, but I’ll never have to do it again, and I know for a fact that all of my accounts are using secure, unique passwords. I fully control everything and never have to fish around for a password.
Your new password manager will have a password generator. Every time you add a new record, you can use it to generate a long, complex, unique password that the password manager will save for you. We’re going to be doing this for each and every account, but there are some other housekeeping steps you should do, too.
Here’s What You Are Going to Do For Every Single Account You Have
- Log into the account.
- Find the account settings/security settings area for that website or account, and confirm that the account is set to your primary email.
- Update any and all information under the account (add in a phone number if they offer SMS authentication, check to make sure your address is up-to-date, etc.)
- Log the account into your password manager—put in the URL of the account, the username/email used, and generate a new, complex password using the built-in password generator.
- Update the password for the account with the new one, and follow any steps required to authenticate the change (some accounts might send you a link or code to your email to verify).
- Look for options to enable and set up multifactor authentication, 2-factor authentication, MFA, or 2FA. Follow the steps to enable it and set it up in your authentication app.
- Save the password record in your password manager and move on to the next account to repeat the steps.
Ensure that Every Password is Unique
Most of the suggested password managers will warn you if you are using weak passwords, so as long as you use their password generator tool to create a unique, complex password for each account, you should be golden.
You should rarely have to type in these passwords by hand, as you can install your password manager onto just about any device, so be sure to generate long, healthy, complex passwords. We recommend 16-24 characters with capital letters, lowercase letters, numbers, and symbols.
You Can Cheat a Little with Streaming Services
Above, we had mentioned you’ll never need to type in a complex password by hand because you can install your password manager on virtually any device. There is an exception to this—your TV.
It’s a huge pain to try to type in a 24-character Netflix password just to watch The Great British Bake Off, so here’s a little exception to the rule that you can use specifically for streaming services to make the passwords a little easier to enter in.
Remember, you still want these passwords to be unique, complex, and random… but maybe you want them to be a little easier to type into a television with a remote control. This also applies to guest Wi-Fi passwords and other accounts that you might need to read out loud or share manually.
Here’s a quick set of tips to make passwords that are easy to type or read out loud to a guest:
- Keep capital letters bunched together so you don’t need to tap the shift key over and over.
- Keep numbers and symbols bunched together for the same reason.
- Want to be super lazy? Use characters that are near each other on the keyboard.
- Avoid characters that look like numbers or other characters, like capital Is, lowercase Ls, the number 1, the number 0, and the letter o.
For example, if your Hulu password is something like this:
AAAQTXnuuyhu25548!#
(obviously, don’t use this password since it’s published on the Internet)
Note that the first third of the password is all caps, and all use letters on one side of the keyboard, while the second third is all lowercase using letters from the other side.
It’s much easier to type out with a television remote than something completely random, but this password still follows all the critical rules that make it a long, complex password! It’s just easier to enter into your television.
How to Find Websites and Services You Have Accounts For
Remember, your goal is to find every website, service, and account you have a login for and document and update it. That’s going to include the following:
- Bank accounts and credit card accounts
- Online payment accounts like PayPal, Venmo, and Zelle
- Online stores and marketplaces like Amazon, eBay, Etsy, and more
- Social networks like Facebook, X, LinkedIn, and Reddit
- Subscription services like news websites, Patreon, and others
- Entertainment sites like Netflix, Hulu, and Disney
- Services like Turbotax/Intuit, Microsoft, Adobe, your antivirus, and others
- Local, state, or nationwide accounts like IRS.gov, the DMV, and others
- Alternative email accounts
- Video game accounts like Steam, Nintendo, Sony, Microsoft, Epic, and others
- Website domain, hosting, and CMS logins (WordPress, Joomla, etc)
- Applications that you use that store information like Evernote, Microsoft, Notion, etc
- Home technology equipment like your router, smart home devices, guest networks, and more
It’s easy to forget just how many accounts you might have, so here are some tips for jogging your memory and finding them all:
- If you were storing passwords in your web browser, you might be able to find them there. For Google Chrome, click the 3-dot menu at the top right and go to Passwords and Autofill > Google Password Manager. For Microsoft Edge, click the 3-dot menu at the top right and go to Settings > Profiles > Passwords. For Firefox, click the hamburger menu at the top right and go to Passwords, or go to Settings > Privacy & Security > Logins and Passwords > Saved logins. Finally, for Safari, go to Settings/Preferences and click Passwords.
- Look at your bank account statements over the last year. If you get billed for any subscriptions, chances are you have an account to adjust.
- Go through your email. Look for terms like “account” or “welcome.”
Be Sure to Check Out The Rest of the Posts in This Series
This is a five-part guide! Head on back to our blog to see the rest of these articles (we’ll be posting each one every other weekday). You can also click on #Password Guide below to see all the currently published parts.
Comments