The last time I learned about a massive password breach, I didn't sweat it. I opened an app, pressed a button, and went back to my business. The app automatically updated the password for the account in question. The app was my password manager.
A password manager's primary job is to store your username and password combinations safely. But it can also:
detect weak passwords and help you change them to something stronger,
find whether you reuse passwords across accounts and nudge you to change them, and
alert you when you should change a password because of an online breach.
And in select cases, namely, when you use Dashlane or LastPass, the password manager can change a password for you with the click of a button. It only works on supported sites, but it's a huge convenience when a site is compromised—such as Facebook's security break of 50 million accounts—and you want to change all your passwords quickly.
Here's how to manage and change all your passwords with as little effort and time as possible.
1. Select a Password Manager
First, you need to choose a password manager. While there are many excellent options, the five that tend to get the most recommendations from technology analysts, app review sites, and people who use password managers are (in alphabetical order): 1Password, Dashlane, Keeper, LastPass, and Sticky Password.
Some of these apps have a free tier of service, but they usually come with restrictions that make them hard to recommend. Paid plans cost anywhere from about $20 to $40 per year. It's money well spent.
2. Set Up Your Password Manager
Most password managers have a similar setup process. You download an app on your device and follow prompts to install it. Create a username and password for the password manager itself, often called the master password. That master password is the only password you need to remember going forward. Be sure to write it down and save it somewhere secure. Many password managers do not give you an option to reset your master password via email for security purposes. If you lose your master password, you may have to start all over again, which means losing all your saved logins. So be sure to choose a master password you'll remember.
Your password manager may have other setup requirements as well, such as two-factor authentication. And likely, it has a browser extension. Be sure to install and log into the browser extension, as it's the key to making your life easier and more productive with a password manager.
3. Let Your Password Manager Save Usernames and Passwords for You
After setting up your password manager, the first time you log into a site or create a new login, you have to type in your account's username and password. That way, the password manager can capture it and save it so the next time you go to the site, the password manager logs you in automatically.
4. Run a Password Audit
Over time, your password manager will have a nearly complete record of all your username and password combinations across all your online accounts. It might miss a few here and there (how often do you log into your airline accounts, for example?), but it will capture them all eventually.
After you've used the password manager long enough to have a few dozen passwords recorded, you should conduct a password audit on yourself, which many of the best password managers help you do, including Dashlane and LastPass.
A password audit detects weak or duplicate passwords across your accounts. It shows you the online accounts that are vulnerable and need to be changed ASAP.
5. When You Receive an Alert, Update Your Affected Password
Many of the best password manager apps offer breach monitoring. They tell you via email or in the app if one of the sites you log into has been compromised.s
Some password managers can go directly to supported websites and change your password for you. Other times, you have to go to the site, log in, open the settings, change your password, and save the new one in your password manager (the app does that last step automatically). It's a quick fix that protects your online account from hackers. .
During the first two or three days of using a password manager, you'll interact with the app more than you will in the future, and it will be noticeable. But over time, the password manager will become more invisible. In those first few days, use those moments of interaction (really, it's little more than a few seconds here and there) to take stock of your passwords and update any that are old, weak, or reused. Before you know it, all your passwords will be unique and strong, without you ever having to make a cumbersome project out of it.
Once you become comfortable with a password manager and it disappears into the background, you'll likely find that it speeds up your day. You become more productive when you're online because the app types all your usernames and passwords for you. Keep exploring your password manager, as many of them also have other productivity tools built in, whether for autofilling your contact details online or saving information about online purchases you make. Password managers give you so many benefits, but the most important one is improved online security.
For more on personal computing security, read: