Dealing with passwords is just as satisfying as cleaning gutters or filing taxes. But it’s just as important
I hate telling people to eat their vegetables, even virtual ones. Still, if you don’t have a strong, unique password for every online account, it’s time to dig in.Don’t wait until someone steals your identity or deletes your bank account.
You’ve probably heard of password managers. It may sound complicated But setting up a password doesn’t have to be a pain. These services remember all your passwords and can generate a new, secure password. When you go to the login page on your web browser, and even across many apps, the manager will automatically fill in the information you need to access your account. Some even comb the web to alert you if your information appears in a security breach.
A big change to one of the most popular managers, LastPass, is why I have another password in my brain on March 16.LastPass Free users will have to upgrade to the service’s premium plan, usually. At $ 36 per year, but are currently offering them for $ 27 per year if they want to keep syncing passwords on their devices. Although I’m a big fan of LastPass, the free plan isn’t a good choice anymore.
The best password managers will run on as many platforms as possible, which is why we recommend independent services through the password savers available in all browsers and operating systems. I tested the most popular ones in pursuit of high security, wide options, and ease of use. This is what I found:
• Easiest to use:1Password ($ 35.88 per year for individuals, $ 59.88 for a family of up to five) offers an intuitive design and multi-layered security for a great price. 1Password doesn’t have a free tier. Security is something we believe is worth it. Cost to Pay “Free software is often associated with compromise,” a 1Password spokesperson said. “We can focus our efforts on developing new ways to protect your data rather than collect or exploit it.”
Like other password managers, you can organize passwords into different collections: one for personal accounts, one for work, one for shared family logins. The travel mode is a peculiarity of this service for those who wish to hide sensitive information when traveling to countries where their phone may be searched.
Dashlane ($ 59.99 per year for individuals, $ 89.99 for families of up to five) is also easy to use and a good choice if you’re interested in additional features like a built-in VPN (also known as a virtual private network) for access. A safer internet and dark web monitoring service that keeps an eye on hackers who may have your identity.
I finally opted for 1Password because of the price. (I still think Dashlane’s Mac Safari browser extension, now beta, is flawed, a Dashlane spokeswoman said the team is working on a fix.)
• The best service for emergency access: It’s a relationship between Dashlane and LastPass Premium ($ 36 per year for individuals, $ 48 for families of up to six). Both allow you to allow trusted contacts to access your vault if you’re dead or without. Ability Features like these are important because our lives are tied to our digital accounts, as my colleague Joanna mentioned recently, if something happens to you, your designer can request access to your vault. You can set a specific delay between three hours and 30 days, during which you can deny access if you can.
LastPass Premium isn’t as sleek as Dashlane, but it’s a very capable password manager, including web monitoring in dark colors, plus gigabytes of encrypted storage. (And a good Safari browser extension) If you’re using Safari and don’t need a VPN, use LastPass.
1Password sees this type of emergency access as a security threat. In a forum post, a company employee explained that house abusers entering the password vault were able to hold their victims. He recommends keeping a printout of your secret key and master password in a safe deposit box or give it to your lawyer.
• The best free options:Bitwarden offers a completely free plan for two individuals and businesses that sync unlimited passwords between different devices. The service has several essential basics: end-to-end encryption, secure password generator, two-factor logins, and apps for all platforms, desktop, browser, and mobile operating system included. Access through the web
Premium membership ($ 10 per year for individuals, $ 40 for families of up to six) is required for all bells and whistles, such as the password disclosure report and advanced login protection.
Share your thoughts
How do you manage your passwords? Join the conversation below.
“We are a profitable company. But we found it perfectly harmonious and compatible to offer a basic manager for free, ”said Michael Crandell, CEO of Bitwarden.Many users who started with the free plan eventually decided to upgrade, he added.
Once you’ve chosen a password manager, you can add all your old passwords manually. If you store your passwords in your computer’s Chrome browser, you can export them and import them into the new password manager (Apple doesn’t offer a similar password export option) if you switch from the password manager. One to the other, password export is also an option.
Password managers will improve your digital life. But whether you get it or not, there are four simple rules for password protection that you need to know.
Rule number 1: Don’t rely solely on passwords.
Use two-factor authentication, also known as 2FA, wherever possible. This requires additional code or authentication sent to other devices.
In general, turning on 2FA is better than none. But if you have a choice, use an app validator (I like Authy) on plain text. This works when you don’t have cellular reception and isn’t vulnerable to SIM theft, where hackers target someone with a valuable account, spoiling their phone number from their wireless carrier. You can call your service provider and add the password to your wireless account for added security.
Rule # 2 – set a long password
The new hot word “password” is a passphrase. “Password length is a factor that is more important than complexity because longer passwords are more difficult to crack,” said Jameeka Green Aaron, Chief Security Officer. Company information ensures the authenticity of the customer, Auth0 said.
For example, the “Raccoon Doorknob Spacecraft” passphrase could take centuries to decrypt according to Bitwarden’s free password security tool, meanwhile, according to a 12-character string validator with uppercase and case letters. Small symbols and numbers can take as little as three years to penetrate. Most password managers allow you to set the length of the automatically generated passwords.
Rule # 3 – make it unique
No matter what you do, don’t reuse your password. Aaron said it was the way most typical accounts were hacked. If hackers find your password used in one place, they’ll try it somewhere else. This is where password managers come in to create unique passwords and store them for all of your accounts.
Rule # 4 – Have a backup plan for your backup plan.
The key to managing your password is the master password, along with your login authentication device. A good password manager will not know what your master password is and cannot help you recover your account.
So, to be a good password parent, you need to think of the worst case scenario: What happens if you lose your device, your two-factor authentication code will be sent? What if you forget your master password?
Authy will sync the authenticator code across devices. (Such as your phone and iPad), which will help if you lose it. Setting up a physical security key such as YubiKey as an additional validator is another precautionary measure. For remembering your master password, the best solution is minimal technology: write it down on a piece of paper and store it with the rest of the most important document. Safer in the physical world than in the digital world.
– For more WSJ analysis, reviews, guides and headlines, subscribe to our weekly newsletter.
Write to Nicole Nguyen at firstname.lastname@example.org.
Copyright © 2020 Dow Jones & Company, Inc. All rights reserved. 87990cbe856818d5eddac44c7b1cdeb8