5 Ways You Are Using Your Password Manager Wrong

If you’re currently memorizing or writing down all your passwords, switching to a secure password manager is one of the best things you can do to protect your accounts. However, simply using a password manager doesn’t necessarily mean you have strong cybersecurity.

Proper use of your password manager is as important as the specific tool you choose. Find out some frequent mistakes people make when using a password manager.

The master password is the most important element protecting your vault, but it won’t help if you’re already logged in.

Say you’re using your laptop at a café and step away for a minute to go to the bathroom. Someone could steal everything in your vault if your password manager keeps you logged in.

Every password manager is different, but you should be able to adjust this setting to make your vault more secure. Having the password manager log you out if you’re inactive for over a few minutes is a good idea. Even if it’s inconvenient to enter your password repeatedly, it’s still worth reducing the risk of unauthorized access.

Password managers can make your information more secure, but these tools also put even more pressure on a single password. Your master password controls access to your entire vault, so using a strong password that won’t be easy to guess or crack in a brute-force attack is crucial.

Fortunately, the master password is the only thing you need to remember. Figure out something complex that’s different from the rest of the passwords you use.

Repeats or variations of existing passwords should be off-limits. We also recommend checking whether your password was previously exposed in a data breach. Check out our guide to creating strong passwords for more information.

Using the same password for multiple accounts increases the risk of a breach. The more times you reuse an identical password, the bigger your loss if that password is guessed or stolen. Since there’s no way to predict when a breach might happen, it’s critical to safeguard your information proactively.

Despite this clear security risk, roughly two-thirds of all internet users reuse passwords across some or all of their accounts. If you’re in that group, switch to unique passwords as soon as possible — particularly for bank accounts and other accounts with personal information.

One of the key benefits of a password manager is that you don’t have to remember each of your passwords, and using the same ones multiple times is dangerous. If each password is unique, hackers can only get your password for one account at a time.

Using a strong password makes your account safer, but you should still enable two-factor authentication (2FA) for even more security. With 2FA, you’ll need something other than the password (a second factor) to access your account.

2FA usually goes through a designated device, such as your smartphone or a physical security key. The main advantage of 2FA is that a hacker would have to steal two different things to log in. It’s unlikely that anyone compromises your master password, but it’s always better to be safe than sorry.

If possible, you should avoid routing your 2FA notifications through email or a short message service (SMS). While most people won’t have any problems, these confirmation messages are much easier for hackers to imitate than authenticator apps, security keys, and other channels.

If your password manager is remembering passwords for you, you don’t need to develop them yourself. Even if you try to use something new every time, you’ll inevitably fall back on the same tendencies and waste time you could spend on other activities.

In 2023, all the major password managers come with built-in password generators. Just set the parameters, generate a new password, then copy and paste it into the password field. You’ll have a password guaranteed to be unique, and you can adjust the settings easily based on your preferences.

Every user seeks something different, so there’s no best password manager for every situation. Still, we’ve found that a few providers stand out. We’ll cover some of our top picks here. Check out our list of the best password managers of 2024 for more information.

In 2024, most internet users have more than just a few accounts. Without a reliable password manager, keeping track of strong, unique passwords for many different apps and websites would be almost impossible.

Password managers are deemed necessities in 2024. People don’t always know how to utilize their password manager’s features fully. These tips help you make your vault as secure as possible and protect against various common cybersecurity threats.

• Carnegie Mellon University: Guidelines for Password Management
• GCF Global: Internet Safety: Creating Strong Passwords
• Maryville University: To Password Manager, Or Not To Password Manager
• Ohio University:Using Strong Passwords and a Password Manager