For a long time I resisted password management applications. Despite the fact that I am a digital project and content manager, and need to access multiple computers, websites, and desktop and mobile applications daily, and sometimes from remote locations, I tried to keep most of my primary access credentials in my head. But “in my head” was actually forty percent in my head, and sixty percent in notebooks, spreadsheets, sticky notes, and the backs of old receipts.
But the complexity of today’s workplace, and the ever-increasing importance of cybersecurity to my employer, myself, and the larger community, finally pushed me into looking for a secure way to organize and access my passwords. Even though I feared that any new system would be less convenient than just “knowing” dozens of sets of access credentials, I realized that my responsibilities to my employer and clients overrode my personal preferences.
So, I asked co-workers for recommendations and did a little of my own research. Most applications offer similar features: capturing credentials and storing them in a secure file; auto-filling credentials; generating new random passwords; and offering tips and reminders about how to improve your cybersecurity habits. There are plenty of other features—here is just one of many comparison and review articles that can help you identify the ones that are most important to you and your business.
Once I selected an application and installed it on my computers and cell phone (about thirty minutes of work), I started to add password accounts. I visited a website and logged in, and my new application asked if I wanted to add those credentials to my account. I did that for my most commonly visited sites in the first few days, and now I add accounts as needed.
Now, I just log in to one website a day: my password manager. Then, when I visit a commonly-used website on my own equipment, I can autofill my credentials. I don’t have to dig under a pile of papers to find the pencil-smeared sticky with a cryptic password clue, or rifle through my bag for a notebook I left at home, or worse, try to shift my already-overloaded brain into password-remembering mode. If I’m working from some other location, I can pull up the password manager on my phone and type it in.
So now, after just a short time using the password manager, I’ve realized that my former practices were not convenient, and they were not keeping my memory sharp. They were speed bumps in my day, and security vulnerabilities in my online life.
Of course, there are minor downsides. The application is a little nudgy about some of my weaker passwords; it accepts them, but it gently and regularly offers to help me fix them. Also, when I really think about the fact that I now have some passwords that I just don’t know — that there is no hope of recalling them no matter how much sleep I get—I feel a little panicky.
But then I realize that I’m being silly, and the truth is that even the worst case of being locked out of some website is small potatoes compared to the disaster I could wreak if my poor cybersecurity hygiene were the vector for a significant attack at work or at home.
And then I, inspired by my new cyber-virtue, spend the rest of my day getting work done.
#BeCyberSmart
#CyberSmart