How to Securely Store Your Passwords

How to Keep Your Passwords Secure

With so many online accounts to keep track of – the average American has around 300 online accounts and around 100 different passwords – it’s essential that you keep them secure by storing the login information in a safe place.

Most data breaches are a result of compromised passwords, which can be caused by phishing, malware, and social engineering. As a rule of thumb, it’s a good idea to make sure each of your accounts has a different password to prevent cybercriminals from accessing your personal information and becoming one of the millions of people who fall victim to identity theft.

Identity theft can cause a whole host of issues: thieves may be able to steal anything from your address to your Social Security number, and then use that information to access your bank accounts, open financial accounts in your name and wreak havoc on your credit, or even attempt to scam your family and friends after gaining control of your email or social media.

With so many passwords and accounts, it’s near impossible to remember all of them. Below, we break down the best ways to store your passwords, and the pros and cons of each.

Pen and Paper

The most old-fashioned method of storing your passwords is writing it down in a notebook and tucking it away in a hidden place. This is really only secure if you have a safe with a code that only you have access to. You may also want to even just use hints to remember your password rather than writing the whole thing down.

Pros: Cybercriminals can’t access a physical notebook that is locked away.

Cons: Anyone can access your passwords if they come across your notebook.

Computer Document

A step above pen and paper is simply saving it on a document on your computer (like a spreadsheet or Word document).

Pros: It’s on your computer, which is password protected, so anyone in your household (or anyone who enters it) can’t get ahold of it easily.

Cons: Hackers can use a keystroke logger to capture your passwords, even if your document is password protected.

Email

You could email yourself a password, but:

Pros: It’s quick and easy to log into your email, and it’s password protected.

Cons: Hackers may be able to access emails since they can be stored on different servers, and they may even be accessible after it’s deleted.

Phone

You could save your password on your phone on a notes app.

Pros: Your phone is typically password protected and/or secured with FaceID. If you have an iPhone, you can even lock a note with a password.

Cons: If your phone isn’t password protected (or someone is able to break into it), your passwords may be easily stolen.

Password Manager

Most browsers – such as Chrome, Firefox, Safari, and more – come with a password-storage functionality by using a password manager. It has the ability to store a password for each account you create, and it can sign you into the account automatically.

Pros: It’s free, quick, and convenient. Good password managers even suggest a strong auto-generated password and monitor data breaches.

Cons: A password manager will save your passwords on all devices, which makes it essential to create and remember a strong master password or PIN to access your personal devices (computer, phone, tablet, etc) and prevent anyone else from accessing your information. Not having a master password makes you run the risk of having all of your passwords compromised if it’s hacked. If you use multiple browsers, password management in only one browser can make it tricky.

Password-saving software

Password-saving software are apps that store passwords safely. Popular services include 1Password, Bitwarden, Dashlane, Keeper, LastPass, and RememBear.

Pros: Like a password manager in a browser, it stores your passwords and generates new one when needed. It can even allow you to choose the number of characters, symbols, and numbers you want. Many password manager apps have free versions that give you basic features, although if you want to upgrade to a more advanced version you will have to pay a fee.

Cons: Finding the right password manager with your preferred features and pricing takes time and research. Additionally, you will need to create and remember a strong master password. If the password manager is hacked, you risk losing all of your information, and if you lose the password, it’ll be difficult to get access to your password manager again.

Keep Your Accounts Secure

In order to further protect your passwords and personal information, you can take the following steps:

• Use two-factor authentication: Using two-factor authentication (2FA) gives you extra protection in case your password is compromised. 2FA requires a second passcode (usually numerical) that you receive through text, call, or email.
• Don’t use the same password: You’ve probably heard this before, but it’s essential to use different passwords for each of your accounts because if a hacker gets ahold of one of your passwords, they may be able to access more of your accounts. However, if you do this, you’re certainly not alone – over half of all people use the same password for more than one site.
• Change your passwords regularly: Many sites will prompt you to change your passwords at regular intervals, which leaves you much less likely to get hacked. Be sure to change the whole password, not just one number, letter, or symbol, to keep hackers from easily guessing it.
• Create a complex password: Using “password,” “12345,” birthday, or the name of a pet is never a good idea. Use a combination of capital and lowercase letters, numbers, and symbols.
• Delete old and unused files: Some files with sensitive information can be recovered even after it’s trashed, so it’s important to permanently erase it in a way that ensures it can't be recovered, even with software. Tools like a storage manager (which automatically removes backed up content from your devices) and disc cleanup (which deletes unnecessary files) can be used to clear old and sensitive information.

What makes a password secure?

A secure password is usually a minimum of 12 characters and contains both upper and lowercase letters (the more letters, the better). It's usually mixed with numbers and has at least one special character (!@#$, etc).

Can changing my password protect my account?

If you suspect or notice any signs of your account being hacked, changing your password ASAP may help mitigate the damage.