Please Use A Password Manager

Tank · Published in DIGITALTANK · 5 min read · Aug 20, 2019
Passwords — digital keys — shouldn’t be handed out.

If your password is “password123” (Hi Mom, I know your password), if you go to haveibeenpwned.com and see “Oh no — pwned!”, or if you breathe oxygen, please use a password manager. Your password is not safe written down in a notebook that you keep in your desk. It’s not safe if you reuse the same password and “just change a character when I have to”. Imagine some website you use got hacked and your password is available to buy — for a pittance — on the dark web.

Your online security requires a little more attention than convincing yourself that “security theater is ‘OK’”. You may be a small fish in a big pond, but you can still be packaged up and sold as a sardine.

Everyone has a gut feeling that there must be a better way to manage passwords. Memorized passwords are fragile: either we run the risk of losing accounts (or even worse, having to contact customer service) because we might forget what password we used, or we have the passwords written down somewhere where other people can find them.

There is a better way: password managers. The reason why the use of password managers isn’t taught to children at the elementary school level, along with digital citizenship concepts and fundamentals of meme creation, is beyond my understanding. Password manager software has been around since the beginning of the internet, but for some reason it still isn’t in common use.

There are plenty of password managers out there. Any of them is better than the same password you came up with as a teenager and reuse everywhere.

Use KeePass

Here are the pros of using KeePass:
1: It’s easy to install (Hey there Ninite. It’s me, ya Boi.)
2: It’s available on Linux, Android, and iOS as well as Windows
3: It’s free and will stay free.
4: It’s open source.

The cons:
The Windows app isn’t as pretty as most new programs. The Android and iOS apps don’t have that problem because they were created by secondary developers.

KeePass database home screen

KeePass works by creating an encrypted database file that is protected by a password (that, yes, you do have to remember). You enter this password and the program decrypts the file and displays all the accounts you have stored.

Right-clicking on an entry gives you some options

You can then right-click to copy/paste the username, password, and URL of an entry, and create new entries.

Add Entry and Password generator for new entries

Because I work on several different computers on a regular basis, I store my database file on a USB drive that fits in my wallet. Every time I need logon information I plug in the USB drive to open the file, then when I’m done I save it to the USB drive and to a backup location on the computer itself. Always back up your database file, either on a separate device or to a cloud-based location.
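One way to script the backup habit described above, as an added example that is not from the original post: it copies the database to a timestamped file, verifies the copy by hash, and keeps only the newest few copies. The function names, the `passwords.kdbx` file name and the `keep` count are assumptions; the signature check only recognizes KeePass 2.x (`.kdbx`) files.

```python
import hashlib
import shutil
import struct
import time
from pathlib import Path

# A KeePass 2.x (.kdbx) file begins with two little-endian 32-bit signatures.
KDBX_SIGNATURE = (0x9AA2D903, 0xB54BFB67)


def looks_like_kdbx(path: Path) -> bool:
    """True if the file starts with the KeePass 2.x signature (not empty/truncated)."""
    with path.open("rb") as fh:
        head = fh.read(8)
    return len(head) == 8 and struct.unpack("<II", head) == KDBX_SIGNATURE


def sha256_file(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def backup_database(db: Path, backup_dir: Path, keep: int = 5) -> Path:
    """Copy db to a timestamped file in backup_dir, verify it, prune old copies."""
    if not looks_like_kdbx(db):
        # Refuse to back up a damaged file so it never displaces good copies.
        raise ValueError(f"{db} does not look like a KeePass 2.x database")
    backup_dir.mkdir(parents=True, exist_ok=True)
    dest = backup_dir / f"{db.stem}-{time.time_ns():020d}{db.suffix}"
    partial = dest.with_name(dest.name + ".part")
    shutil.copy2(db, partial)
    if sha256_file(partial) != sha256_file(db):
        partial.unlink()
        raise OSError(f"backup of {db} failed verification")
    partial.replace(dest)  # only a verified copy gets the final name
    # Zero-padded timestamps sort oldest first; keep the newest `keep` copies.
    backups = sorted(backup_dir.glob(f"{db.stem}-*{db.suffix}"))
    for old in backups[:-max(keep, 1)]:
        old.unlink()
    return dest


if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed sample: valid signature plus filler, not a real database.
        db = Path(tmp) / "passwords.kdbx"
        db.write_bytes(struct.pack("<II", *KDBX_SIGNATURE) + b"\x00" * 64)
        print(backup_database(db, Path(tmp) / "backup"))
```

Keeping several generations matters because a single backup that is overwritten on every save will faithfully copy a corrupted database over the last good one.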

How To Install KeePass on Windows

1: Go to Ninite.com. Under “other” check the box for KeePass 2. Scroll down and click the blue button that says “Get Your Ninite”. (Alternatively you can follow this link to automatically download the Ninite KeePass installer.)
2: Run the Ninite KeePass 2 Installer file. You may need to run it as administrator (right-click on the file and select “run as administrator”).
3: Allow the Ninite Installer to run. KeePass is installed on your computer. You can rerun the Ninite installation file to update KeePass as updates become available.

KeePass on Mac

There doesn’t appear to be a good simple way to install KeePass on Mac. However, Mac’s native Keychain application is a great password manager in itself. Make sure to use the password generator so that you’re not reusing passwords, and save the generated passwords in the Keychain database.

KeePassX on Linux

I won’t reinvent the wheel. Here are instructions from KeePassX’s website.

Mobile Options

Android: Keepass2Android

Above: Screenshots of the Keepass2Android app.
Left to right:
1: The opening screen.
2: Storage options for the database file.
3: The requirements to use Google Drive files: I wasn’t excited to see “See, edit, create, and delete all of your Google Drive files”, but I’m not sure if there are other options for Google Drive management permissions.
4: The screenshot of my personal files: the Keepass2Android app wouldn’t let the screen recording software capture my personal information.

This is a solid app with a well designed interface. It can be set as the default autocomplete, so you rarely have to worry about copy/pasting your information into other apps.

iOS and Mac: Strongbox or KeePassium

iOS’s native Keychain application is a great password manager, so if you live your life on Apple products, use that. Make sure you’re using the password generator to create secure passwords.

If you bounce between Windows and an iPhone, KeePass is still a good option. I don’t have an Apple device, so I haven’t tested the following apps. I won’t pretend to review them without first-hand experience, but both of them have been recommended by the r/KeePass Reddit community (with a lean towards KeePassium, but it appears that the developer is simply more active on the forum).

Strongbox Screenshots (from the iOS app store webpage)
KeePassium Screenshots (from the iOS app store webpage)

Other Options

I’m partial to KeePass because it’s what I personally use. If KeePass doesn’t look like a good fit for you, here is a Wikipedia article/list of other password manager software options. It really doesn’t matter to me which one you choose; PLEASE just use one.

Top Photo Credit: personal creation from a photo by CMDR Shane on Unsplash
