Jan 18, 2023
Use a Password Manager
Ship It Post #
Mar 27, 2022
🧠 Second Brain
If you don’t have a good password management system, you’re not ready to take responsibility for your crypto/NFTs. Related: Being asked to teach about crypto and NFTs
Everyone should have some kind of password management system that’s secure (even if you’re not into crypto).
- Don’t write passwords on a piece of paper.
Very insecure. These are easily found by other people. Or misplaced. Or lost in a fire. It’s also inconvenient, because you can’t copy/paste from paper to your device.
- Don’t store your passwords digitally in an unencrypted file.
Microsoft word document, Notepad, Apple Pages, Evernote or other PKM tools are not good storage locations. Anyone with access to your computer or cloud account (like Evernote employees) could take advantage of it.
- Don’t reuse passwords.
If you do, and someone manages to hack one account, they can then gain access to your other accounts with the same login information.
A dedicated password manager.
- 1Password - most convenient and user-friendly, online
- Bitwarden - free, open-source, online
- KeePass - free, open-source, local (offline)
Some people may rely on their browser or operating system to save passwords. But these are limited. If you were to lose your device, would you still be able to access your saved logins? If you use multiple devices or browsers, you’d have to duplicate entries.
Password managers alleviate the necessity of coming up with and remembering passwords for every website and app. They work cross-platform. You choose one master password to get into your manager, then it takes care of the rest: creating random, secure passwords and auto-filling them.
Using a mix of letter case, numbers, and symbols just makes a password more likely to be forgotten rather than hacked. The longer a password is, the longer it would take to crack with brute force. So it’s better to come up with a long phrase of random words that can be easily remembered with some kind of mnemonic. This could be used for the master password to your manager.