Password security options you should not ignore any longer.
These days you can never be too careful when it comes to online security. While there are a lot of factors outside your control as a visitor online, there is one thing you can do. Have a strong, secure password. According to a 2018 survey from Statista, only 20% of the respondents said that they used different passwords for every single online login they own.
Sure, using the same user name and password makes things easier, but it is also a huge risk. With online threats being on the rise, using different passwords and changing them on a regular basis is essential to your online security. After all, stealing passwords and logins is the fundamental work that many hackers do.
If you are anything like me, you have accumulated hundreds of user names and passwords over the years, and tackling the task of organizing and changing them can be overwhelming. This is the exact reason that password managers exist. As an application, a password manager provides users a secure place to store and organize their private information. Some operating systems, like macOS, now offer a built-in option (Keychain) and while that’s a good start, it’s not the best that it can be.
Today, the first Thursday in May, is World Password Day. It’s a social movement – similar to World Backup Day – that is designed to promote better password habits. The history of the day dates back to 2005 when security researcher, Mark Burnett encouraged people to have a “password day” where they would update their important passwords. Intel Security actually has the honor of being the first to declare World Password Day in 2013.
So, what should you do this World Password Day to make yourself safer? First, find a password manager that not only works but make sure it’s one you enjoy using. It’s always easier to keep up with your password security when you aren’t annoyed by the software that is keeping track of it all. We have three that we recommend. We have experience with all three of these password managers and have found that they are all solid options and offer different features for different types of users.
NOTE: Mac Sources does not have affiliates with any of these password manager companies and the links we are providing here are just informational so that you can make the best decision for you.
1Password
As a password manager, 1Password provides users with the ease of accessing all their important data with one master password. All of a user’s logins are secured inside a vault, which is unlocked with the master password. It is also Nick’s Password manager of choice.
In addition to storing passwords and logins, 1Password also keeps information such as credit cards, bank accounts, addresses, and even software licenses secured within its vault. One of 1Password’s security features is called Watchtower.
This feature notifies users when their information has been exposed so that they may immediately take steps to re-securing their usernames and passwords. The app also notifies users when they have reused a password so there is no guesswork about when a password needs to be changed.
1Password just announced the release of 1Password 8, their latest, most advanced version to date. The app provides full support for families and team accounts as well as individuals. It requires a yearly subscription fee for access ($35.99/year for individuals), but a 30-day free trial is provided through the App Store. 1Password is available on Mac, iPhone, and iPad and the one subscription fee covers access to all of the devices.
Secrets
Secrets is a more simplified password manager that still offers quite a bit of security for its users. The app provides users with the ability to store logins, passwords, credit card numbers, bank details, and other confidential information. The app uses iCloud sync so that the database syncs securely and seamlessly across your Apple devices.
Secrets has a built-in password generator and supports AutoFill for Safari and other browsers. The app provides users with the option to generate one-time passwords for 2FA and uses Quick Unlock, which supports Touch ID and unlocking the app using the Apple Watch.
Secrets also allows users to import passwords from other applications and it has simple pricing with a one-time fee of $19.99. The macOS app is available through the App Store and Setapp. The iOS version is available in the iOS App Store and is also $19.99. This is my choice for password managers.
Enpass
Just like 1Password and Secrets, Enpass stores passwords, logins, and various other files are stored inside the app. The information is locally encrypted on your individual devices and everything is synced through your personal cloud account. Enpass also takes advantage of an Autofill feature and is available for all major platforms.
Enpass is an offline password manager, but users have the option to sync across devices using their chosen cloud service. The information in the app can be stored in multiple vaults for organization purposes. Enpass also has audit features similar to 1Password and Secrets, which gives users an at-a-glance option to see where their passwords are expired, weak, old, or otherwise compromised.
Enpass supports biometric authentication as well as Smartwatches. Users have the option to import from other apps/files, too, and it also features breach monitoring. One of the unique features of Enpass is its ability for users to customize categories, templates, and other items. Enpass is available for a subscription fee ($1.99 monthly for individuals) or users can purchase a lifetime license for $79.99. Jon’s choice for a password manager.
Password Best Practices
After you find a password manager that you want to use, the next step is to change your passwords. This is a long process for certain, but it’s an important step to take especially if you’ve never done it before. You want to make sure they are secure and in line with what the online account requires.
When creating new passwords, the first piece of advice we have is to leave personal details out of the password. In the early days of the internet, everyone used things like their dog’s name and their zip code. Back then, the risks were much lower than they are now. You want to use unique, random passwords.
Try to use at least 15 characters – if the account will allow it. Use a mix of letters (upper and lower case), numbers, and special characters. In addition to these two main rules, you also want to avoid common substitutions like using the number 3 instead of the letter E. Also, try to avoid memorable keyboard paths. If it is easier for you to type, it’s also easier to be broken.
If you don’t want to try and come up with dozens or maybe hundreds of random passwords, a password generator can help with this process. All three of the apps we recommended above have built-in password generators that can provide randomized, safe passwords based on your specifications. We recommend you use the password generator that is built into your password manager of choice, but if you need a separate password generator, we recommend using Sklv Password Generator. It’s available for free in the Mac App Store, does not collect any data from users, is completely closed to the internet, and is also available for the iPhone.
Along with generating new passwords, you will want to enable two-factor authentication (2FA) where you can. Some sites don’t offer it as an option, but if they do, you should take advantage of it. Again, all three of the apps that we suggested as password managers, have options for 2FA. This definitely makes the entire process easier.
We would, however, caution that this can also be a bit of a hazard because if someone were to break into your password manager, they would have access to everything. But, if you keep your 2FA codes in a separate app, you have a safeguard. A good suggestion we have is Authenticator App by 2Stable. It does require a subscription, but it’s easy to use and designed well.
Finally, you want to keep your passwords private. Do not share them with friends or family members. While you may trust them and they may not intend any ill will toward you or your information, sharing your passwords compromises them. If by some chance your friend ends up using a password elsewhere and it is caught in a breach, that password is no longer any good. Keep your passwords private.
Conclusions
If you think about your online presence like your home, then your passwords are the key to the front door. You don’t want intruders breaking in and wandering around whenever they please. So, make sure you change your passwords frequently (experts recommend every 3 months), use a secure password manager to store them safely, and enable 2FA whenever possible.
Use these tools to secure your online presence and stay safe!