HolidayBuyer's Guide

How and why to set up and use a password manager

Commit to a password manager to make your online life easier and more secure.

password-manager-promo.jpg
Photo by Matt Elliott/CNET

Let's start with the why. The reason why you should use a password manager is twofold: it makes your online life more secure -- and easier in the process.

A password manager stores the passwords for your various online accounts and profiles and saves you from having to remember and enter each one each time you visit a password-protected site. Instead, your passwords are encrypted and held by your password manager, which you then protect with a master password. Since you are saved from having to remember all of your passwords, you will be less tempted by the dangerously poor idea of using the same password for all of your accounts. With a password manager, you can create strong passwords for all of your accounts and keep all of those passwords saved behind a stronger master password, leaving you to remember but a single password.

Which password manager you choose to use is less important than actually choosing one and then using it. Most password managers offer limited free services with paid plans via either a subscription or paid app that lets you store an unlimited number of passwords and sync them across devices, including Windows PCs, Macs and mobile devices. To help you choose the right product for your purposes, Jason Parker earlier this year wrote about six of the best password managers.

Regardless of the password manager you end up picking, the setup process is roughly the same. I use PasswordBox because the app was recently acquired by Intel Security and is currently giving the store away for free. Without paying a cent, I can store as many passwords as I have while syncing across my Windows desktop, MacBook Pro, and iPhone and iPad. According to the Password Box blog, it is offering premium subscriptions for free until it releases its next product.

Setting up a password manager

With PasswordBox, you can sign up for an account via its mobile app or the PasswordBox website on a computer. I chose the latter and downloaded PasswordBox from its website, which turned out to be a browser extension. I created my free account by giving my name, email, and choosing a master password. Before we proceed, allow me a few words on creating a strong password.

Your master password should not be be a repeat or even a derivative of one of your other passwords currently in use. Create a unique password that contains at least eight characters, including both upper- and lower-case letters, numbers and symbols.

password-box-create-acct.jpg
Photo by Screenshot by Matt Elliott/CNET

After creating your account, you can then use the browser extension and the mobile app to add your accounts. PasswordBox lists a number of the more popular services such as Dropbox, Facebook and Twitter, and you can manually add others. Like other password managers, PasswordBox can store more than just your passwords. It has a Wallet section for storing credit card numbers, your social security number and the like. You can also securely share passwords with other PasswordBox users, and there is a password generator that creates strong passwords to replace the weak passwords you are likely using for many if not all of your online accounts. Lastly -- and I do mean lastly -- there is a Legacy Locker feature that will share your passwords with a trusted friend or family member in the event of your demise, helping your family manage your digital life after your actual life has ended.

Using a password manager

After a little legwork up front to add your password-protected accounts to your password manager of choice, you will then be free of the effort required to remember your bevy of passwords and entering them. For the accounts you have stored with PasswordBox, for example, you'll be automatically logged in.

password-box-add-new.jpg
Photo by Screenshot by Matt Elliott/CNET

If that's too easy for you, you can disable Auto-Login for certain accounts, which will require you to click or tap the log-in button (PasswordBox will still enter your username and password for you). If you have multiple accounts for a site, PasswordBox provides a drop-down menu to let you choose which account you'd like to use.

A word about security before we conclude

All password managers use some level of encryption to protect your identity. PasswordBox, for example, uses Advanced Encryption Standard (AES-256) to encrypt the passwords you store with it. And it does not store your master password, which means there is no way it can fall into the wrong hands -- while also meaning that you must remember it because there is no way to recover it should you forget it.

Close
Drag