What’s your password? No! Don’t say it out loud. That would be just another way of turning it into a useless string of characters. There are already too many ways to do that. Rather, I just want you to think about your password, your system for creating and remembering passwords.
Chances are, your password is a lot weaker than you think. Before talking about password management, let’s talk about the problem with passwords:
The Problem with Passwords
The first, and most intractable problem with passwords, is that they exist at all. Many companies are working on a way to eliminate the need for passwords altogether. We have passwords for the same reason we have locks on our doors and windows. Bad people want to exploit us, and do bad things to us via our digital assets.
Passwords do not stop bad people from doing bad things. Personally, I would rather see more resources go to catching criminals, not forcing me to put yet another lock on my digital door. That just makes it harder for me to get in. The bad guys are hardly inconvenienced.
Second, effective passwords are virtually impossible to memorize. If we had one password for one service, it may be workable. But the average person has a minimum of 25 passwords. That is a minimum from three years ago. The true number has to be even more ridiculous, now.
We may be able to remember three or four strong passwords. The rest requires us to write them down paper or in a file. Either way, it makes them insecure. Once committed to paper or disk, your strong password is vulnerable. You might also attempt a system, like replacing o with 0. The problem with your system is that any system you can remember, someone else with a good computer can figure out. By its very nature, your system is a recognizable pattern. The only strong password is one you can’t remember.
The Bright Side of Password Managers
If you use a password manager, you have the luxury of turning all your weak passwords into strong ones that you don’t have to remember. The software takes care of that. All you have to do is remember a single password. This is true of all password managers. Some offer one-click logins, keystroke inception, and an automatic password lock when you step away from your computer. No two systems are exactly the same. While all this is great, it doesn’t mean we can stop thinking about passwords altogether:
Managing Password Managers
You have to entrust all your passwords to a piece of software for creation and storage on someone else’s remote servers. Unless you are using something like Apple’s built in password manager, you will likely have to pay a monthly or an annual fee for the privilege.
Through cloud services, your passwords can sync across browsers. But what about apps? Depending on the platform, there may not be a seamless transition between the browser on your desktop, and your smartphone app of choice. That password stored for your bank on your PC may not populate to your banking app on your iPhone. At some level, you have to manage the manager.
On balance, it is still better to have a password manager than not. It is better than writing down your passwords. But security is inconvenient. The more secure you are, the less convenient accessing your own data will be. When things become too inconvenient, people ditch the security altogether, leaving them more vulnerable than before.
At the end of the day, it is still just about trying to keep bad people from doing bad things. That is just the human condition. There will never be a cure for that.