Despite what Hollywood, Apple, Amazon and Google might want you to believe, accessing and securing our technology lives still takes more than scanning various body parts and shouting at inanimate objects. These fancy biometric gateways are still powered by the clumsy password mechanism that has been around for decades and will probably exist for a while longer. Despite much effort from the industry to innovate ourselves beyond this particular security mechanism, we’ve only managed to make it somewhat easier to keep track of the growing number of passwords we are required to maintain just to be a part of modern society.
Post-it notes won’t do anymore
Even though password management platforms like LastPass, 1Password and Dashlane have been around for several years now, the majority of my clients still manage their passwords manually, either via bits of sticky paper, a spreadsheet or a little black book. Even though very insecure, this was at least somewhat do-able when all you had to keep track of was a dozen or so passwords. According to a 2017 report written by password manager LastPass (full disclosure: C2 uses LastPass to manage passwords), the average business user has to keep track of nearly 200 passwords, and I am certain that this number has only grown over the intervening 3 years. Unless you are incredibly disciplined and well organized, managing that many passwords manually is just not practical. If you need to share these passwords with co-workers or family, that system just became wildly unmanageable and very insecure.
Password management platforms are designed to step in to replace the notes, spreadsheets and little black books, and they can add other perks as well. Most will provide browser plugins and mobile device apps that can, once unlocked, automatically enter tracked passwords into your websites and apps as needed, as well as tracking and updating your password database whenever one is changed. These same platforms will also see when you create new passwords and offer to save them, and some, like 1Password and Google will even warn you if you are using a known compromised password. Several of these systems can also be upgraded to allow you to safely and securely share passwords with other people.
While the above-mentioned platforms typically have a subscription fee, there are several no-cost alternatives that are still better than the analog equivalents. Google’s password management service is cloud-based and can help you retrieve passwords across multiple devices, as is Apple’s iCloud-powered Keychain. Firefox also has a password management function if you create a Firefox account.
Ironically, using any of these password management platforms does require yet another password, and on top of that, most will also require some form of 2-factor authorization on top of the complex password you should memorize and never write down. The advantage here is that you only have to keep track of a single password instead of 200+, which should allow you to use your brain for more important things like birthdays, anniversaries and where you put those dang car keys.
