The Importance Of Secure Passwords
There are a lot of good third-party password managers out there. LastPass, RoboForm, Norton, and Steganos to name a few. Except for mentioning the Free version of Norton Password Manager below, this article is not about third-party software.
Why You Should Use A Password Manager
Using a password manager helps prevent users from getting lazy. Laziness results in users making one password for multiple sites and creating simple to remember passwords, two bad habits that may end up costing you in the long run.
It wasn’t too long ago that all you needed was a password for your email account, Microsoft or Apple account, and probably your banking account. Now, with everyone having multiple social media accounts, blogs sites they visit, and software update accounts, it is easy to have dozens or more. The more we need, the easier it is to fall into the trap of using one for several sites.
Most password managers have an annual cost which I don’t understand but if you are not using a password manager at all, it is worth the price. Many software companies offer free versions but restrict some features. One of the better free versions is Norton Password Manager. It has a secure 256-bit AES encryption that offers many of the features of paid versions, including form fill and especially the ability to sync your password vault across devices. You can see the difficulty of the auto-generated password.
Once you log into your vault, you can enter usernames and passwords for websites, Autofill for credit cards, and a safe place to hold addresses, notes, and browser favorites.
Browser Passwords Managers
Most of the popular browsers, Edge, Chrome, Firefox, and others offer a very easy-to-use intuitive password manager. I always used the password feature in all of my browsers even when I was using a paid version, just as a failsafe in case something happened to my password manager.
As I mentioned, they are extremely easy to use.
In Edge
Open your Settings and more menu by pressing the ALT+F keys or by clicking on the three dots or dashes in the upper right of your browser. Once you are in the drop-down menu, select Settings.
After clicking on Passwords in the Setting menu, the new screen will display the options available.
First, ensure that the toggle switch is moved to “ON”. Once selected, Edge will start saving passwords automatically when signing into a new site. When you revisit the site, the username and password will automatically be filled in.
Select the way you want Edge to handle Autofill. Automatically or by requiring you to enter your Microsoft Password or PIN. You then have the option to require it every time you sign in or have it remember your password while the current browser session is open. Frankly, this option gets old quickly, having to enter your MS password or PIN when entering your username and then your password may add a bit of security but is tiresome. The choice is there if you want it. If you prefer to use your PIN instead of a username and password, select More Choices and use your PIN.
Moving the toggle switch to On will show entries you type.
One of the newer features is to have Edge search the internet for any combination of username and passwords that have been breached. This feature has already alerted me to a breached password/username combination.
Finally, if you switch this toggle On, Edge will automatically suggest a strong password for you. It will be one that you would find hard to remember but as long as you use the same browser, your password will always be there for you.
Note: To take full advantage of this feature, you need to click on your profile in the upper right-hand corner of the browser and select Sync ON. This will allow you to have your passwords available on any device. Also, if you use more than one browser, it is an easy matter to import your passwords into another browser, giving you full access to all your passwords on any device using any browser.
Another feature shared by all browsers that have the password option is to view any particular password for any selected site. In the image below you will see that it lists the website, Username, Password, the eye icon to view your password (after you enter your MS password or PIN), and normally the Health of that password (mine is turned off but the health values are shown below).
Summary
I originally got hooked on LastPass, a very good and easy-to-use password manager in my opinion but after their last price increase, I found it hard to justify. Like RoboForm, they run just under $50.00 annually, with Dashlane wanting over $80.00 annually. There is nothing significantly improved year to year to require an annual license and I could not justify another license.
Some companies offer a one-time fee, but I find it too difficult to try them all, and to be honest, it is hard to use a password manager on a trial basis. You must first enter your passwords, and any additional data and use it aggressively enough to ensure it serves all your needs. Now that my browsers are all synced on all my devices and my wife imports the accounts she needs into her browser profile, I find them fully sufficient. As I mentioned, all the browsers are very similar in the way they handle your passwords, and having them search the internet for breached passwords is a plus. I just received a notice that I had a password breach for a Corvette forum I signed into in 1998 and was discontinued in 2004.
Somehow, someone must have used the old passwords from that closed account to hack users. I don’t even have the account any longer but if I used that username and password combination on more than one site that hacker would have been able to break into all my other accounts. Bottom Line, use secure hard-to-break passwords even on something as innocent as an automobile forum and don’t repeat it on other accounts.
—
I use a password manager on my main laptop but I enter and update the passwords. I would like to use the secure password generator but I am concerned that I won’t be able to log onto accounts without the password manager being installed on the machine. For example I don’t often do any banking on my work laptop but I do ocassionally. How do I remember the randomly generated secure password ?
Hi Jas, if you use the password manager in for instance Edge, all you have to do is sign into your Microsoft Account on any device and your passwords will be transferred to that device. So there should not be an instance that it is not available to you if you are signing in from the browser. Regardless of the difficulty of the password that was generated, it will be available to you and auto enter it. However, Occasionally, you might come across a situation where you need to sign into a site on the site’s app. In that case the password will not automatically show because you are not using the browsers password manager. In that case, I just open the browsers settings/password area of your browser and use search to locate the sign-in credentials for that site and then use the password copy function. Then just paste it into the app. To do that, you will have to enter your browsers password or pin. So in essence you will always have the password available even if it won’t auto enter it.
I am glad to hear that browser password managers are now safe to use because In the past I recall that they were not recommended
Bern, The browser’s password manager is as safe as the password used to sign into your browser. If you use Edge it will be your Microsoft Account password and Pin #. If it is another browser like Chrome it is your Google sign in. I recommend using a very strong password to sign into your browser regardless of which browser you use. Even when you sign into your browser, you still would have to sign in again to access your passwords. They are never just available to you or anyone else with a sign-in. The only way for anyone to see your passwords is to know your browser’s sign-in. Also, Microsoft’s Edge now allows you to enter your credit card information so if you purchase something while in Edge, it will fill in the CC info. However, I would ensure that it asks for you to enter your password before doing so.
You went into detail for Edge…what about Firefox or Chrome?
Thanks,
Dan
I have just dumped ‘Last Pass’ and going back to the Built-in password safe in EDGE. I have planned to dump the one in Edge, but held off and I am so glad I didn’t with all of the hijinx by Last Pass in the last year, I don’ want anything to do with them, and as usual, they refuse to even engage in a conversation when discussing problems.
Hi Charles, I agree, I have used “Last Pass” for over 5 years. I was a big fan of the paid version but also did not appreciate the way they have changed things and the price increase. I found that with the sync feature in the browsers, there isn’t anything they can’t do that LP does. Including form-fill.
Thanks for question Dan, you are correct, I did not spend a lot of time going into the other browsers because there is very little difference. They are all pretty much the same with a few exceptions. Chrome, if opened in windows 10 will ask for your Microsoft Password/pin before you can see the passwords hidden in Chrome. FireFox does give you the ability to set a Master Password which you would have to use first. Opera, Tor and Brave all have the capability of saving passwords but I have not used them to do so. Because my default browser is Edge, whenever I do use Firefox and Chrome I update the password database to match Edge so I always have all my passwords available to me in any of those three browsers.
OK, Jim – I’ll look into it.
Thanks for your reply.
Dan
what do you think of BitWarden?
Hey Delma,
I’ve been using Bitwarden (free) for about 18 months now and, in my opinion, it is terrific.
https://davescomputertips.com/best-free-password-manager/
(with apologies to Jim C for jumping in)
Hello Delma, I was not a fan of their layout as a personal preference, but I am always a big fan of open-source software. It has a lot of options and is secure as any out there. I have not used it in a while but if Jim Hillier says it’s terrific, you can count on that. I still have my password for my BitWarden account, I might have to revisit and see if improvements have been made since I last used it.
(Thanks for your insight and input Mr. Hillier. )