Note: This post includes referral links and although clicking on them won’t cost you more, as an Amazon Associate and LastPass affiliate, I earn from qualifying purchases.
You Need a Password Manager
“It’s on a piece of paper somewhere. Maybe the back of an envelope or a Post-it note? Where is it?!” And so begins the typical search for an elusive password. Eventually, we find it, or give up and create a new one. And that one is hastily scribbled on a small piece of paper, or added to a sheet filled with other user names and passwords, some crossed out and with question marks. I am impressed by how much writing can fit on one page. Words fill the margins, some crossed out and erased, while others swirl around the corners as if in a vortex.
When I work with clients, friends, parents, and other family members, password discovery and recovery is often a time-consuming part of my digital organizing* work. It is frustrating for all when our momentum is stymied by having to stop and search, wait for reset emails to arrive in the inbox, and enter codes and answers to secret questions. But more importantly, weak or overused passwords increase the risk of information and identity being stolen. I always recommend a password manager of some type.
*Digital organizing is streamlining and decluttering your computer and digital workspace such as online accounts, email, document storage systems, photos, spreadsheets, basic word processing, etc.
Everyone needs a password management system, whether paper or online. My preference is an online system, but if you prefer paper, consider a logbook made for that purpose. Please avoid these:
- A blank notebook. If you handwrite passwords, make it as easy as possible by having templates that include space for a website URL, user name, password, and notes (for security answers, and PINs). If you are in a hurry, you might miss something if you have to write the prompts.
- Random pieces of paper (this is a habit to break!)
- Excel or Word (or any other spreadsheet or word processing program). If you are worried about a vetted online password manager being easily hacked, do not try to create your own.
Here are the pros and cons of password logbooks and online password managers:
What it is:
An organized notebook with templates for storing passwords, similar to an address book. Most have a removable cover to make it unidentifiable.
- Paper can’t be hacked; just keep it in a safe place.
- If you are not comfortable with technology, this is a simple alternative.
- You can see everything at once.
- Once found, paper can be read!
- It’s portable, but not really. In fact, I recommend password logbooks be left at home to reduce the chance of loss or theft. Since you won’t be carrying it with you, you won’t have access to your passwords when you need them. If you forget to bring your insurance card to the doctor’s office you may not be able to easily pull up your insurance site on your phone and email them a card.
- Passwords must be updated manually.
- You might be tempted to use simpler passwords that are easier to write quickly.
Here are two examples:
- The Personal Internet Address & Password Logbook: The cover is removable so as not to identify the contents. Sections are included for internet information such as WIFI set-up, email accounts, internet service providers, etc. Peter Pauper Press offers this in many designs and this brand is my favorite.
- BookFactory Password Journal/Password Organizer: This book is spiral-bound, which makes it easier to hold and flip through. But the cover has “*******” on the front, so if you purchase this book purely for the spiral binding, cover the title.
Online Password Manager
What it is:
An online tool to manage your passwords. Most have free versions and/or a trial period and an upgrade. The paid versions are subscription-based.
- You can sync across devices and access them from anywhere.
- Your login information can be auto-filled.
- You can generate random passwords and have them updated automatically.
- As with anything online, it can be hacked. Follow the recommendations for how often to change and update your master password and follow any recommended protocol – such as two-step authentication – to reduce your overall risk.
- If you are not familiar or comfortable with using technology, then it might be a challenge to learn.
- If you lose your “master password” (the one you use to access the site) it may be irretrievable (as with LastPass).
I’ve been using LastPass for years and it is the password manager I recommend to clients. Each year I check reviews, and as of this writing, it still ranks very high. There are some other good ones – Dashlane and 1Password, for instance – but I have no reason to switch (if I did, I could export the data). I asked two internet security experts about their opinion of password managers in general. Although I expected them to recommend a password logbook, both said they use LastPass!
Passwords vs. Passphrases
Even if you choose to use an online password manager, there is one password I encourage you to write down and keep in a safe place: your master password. That’s the one you use to access your online account. If you lose it, it can’t be recovered. So what do you use for this critical password?
“Through 20 years of effort, we’ve successfully trained everyone to use passwords that are hard for humans to remember, but easy for computers to guess.” ~ Randall Munroe, author of the popular webcomic XKCD
I’ve been hesitant to write this blog post because of all the different and changing expert advice in the tech community. There is some controversy/dialogue over the effectiveness of passwords vs. passphrases. What’s the difference? A password is (or should be) a random group of letters and numbers with maybe a few odd characters thrown in. The key here is random. A passphrase, on the other hand, is made up of random words with or without spaces in between. Although random, you can actually remember it. Some sites might still require you to include a capital letter and number, but a random word grouping with those tweaks is still easier to remember than a random group of characters. Here are examples:
Passphrase: dog pipe carpet what soup or dogpipecarpetwhatsoup or dogpipecarpetwhatsouP2
Choose your system:
You can dive deeper into the comparison in this article by Ben Wolford from Proton, but this is what I do:
- I use LastPass. You can find a quick demonstration of LastPass in my YouTube video, A Few of My Favorite Apps at location 6:40.
- Create a passphrase of five random words for my master password.
- Let my password manager generate random passwords for all of the sites I store.
- Designate someone to have emergency access to my password manager.
Do you still want to write things on sticky notes and scrap pieces of paper? Then write the date on them so you’ll have a clue as to what the note was in reference to or how dated the information is. Perhaps the extra work will inspire you to record that information in the right place – like a password manager!
Need help getting your system in place?
Barbara Trapp, CPO®, Certified Professional Organizer® and Life/Productivity Coach
Zen Your Den® and Zen Your Biz™
Professional Member, NAPO (National Association of Productivity and Organizing Professionals)
Life Transitions Specialist, NAPO
Residential Organizing Specialist, NAPO
Workplace Productivity Specialist, NAPO