5 of the worst ways to store passwords

Post has been updated as of 11/16/2022

I will tell you a little secret: I am bad at cybersecurity. I’ve had my identity stolen, password hacked, phished, and ripped off by shady websites with promises of $100 MacBooks.

Over the last 20 years, I have had to learn how to prevent and anticipate these infiltrations. I’m guessing you have experienced similar or worse as well.

When I talk about security, it is not about being some uber nerd who trusts nobody; it’s about being so lazy that I don’t want to go through those things again (and again).

For fun, we will start with password security and the 5 worst ways to manage your passwords.

1. 📝 Post-its

This is quite obvious, but you can lose these so quickly, and I doubt you update them when that obnoxious reminder to make your password more secure or update it regularly pops up. Also, what if you are not at your desk where you piled them up? You are going to be in a world of hurt on the road.

2. 📂 A text file on your computer

Years ago, this might have been OK. Today, it is half measures. You took the time to digitize it, and your computer is password protected, but it will be poorly organized and not stay current. I promise.

3. 📔 That book you may boast as your vault

Maybe it’s leather-bound or embossed, but whatever it is, it’s still just a fancy piece of paper with just as much security and functionality as your Post-its.

4. 🖥️ Your web browser / computer keychain

This is a step in the right direction, and progress is being made by Google and Apple to make this possibly the last password management we ever need, but until then, you are so close but missing a lot of features.

5. 📨 You email them to yourself

"I too like to live dangerously"

Ahh, yes, I like to label and tag things in my Gmail and pat myself on the back. “It’s in the cloud” and “I have a system” come to mind. But it is still half measures, and you are making it harder than it needs to be.

So what can we do, Joe?

I’m not going to tell you about some new technology you haven’t heard of, but I will stress the importance of an adult password manager app.

Here are the criteria for a good password manager, in order of importance:

  1. It works. No seriously. I have had some that can’t even fill a login form without a bit of click dance to get it right (LastPass).
  2. Multiple devices. I’m talking Mac, PC, iPhone, and Android.
  3. It can generate new passwords automatically for you with whatever complexity is required. (Special characters, capital letters, numbers, hieroglyphics)
  4. Can store but also organize your passwords into personal and work subcategories. Trust me, this matters when you have over 500.
  5. Can store credit cards and mailing addresses. This might sound like I’m asking for fraud to happen, but the pros outweigh the cons here. I’ve been able to pay online without taking my wallet out or carrying certain cards. (That one department store you go to once a year)

So which tool is my pick?

I use NordPass. I’ll link to it so you can get it too. I’ve used LastPass (had trouble with specific sites), 1Password (didn’t play nice with Windows), Zoho Vault (just felt old and slow), and an open-source tool where everything was stored on my server at home, and none of them brought the features above in one product except for NordPass.

If something better comes along, I will switch to it. Rolling passwords over from tool to tool is more straightforward than rolling over a 401k or IRA; you get used to it. But for now, NordPass is my choice. It will fill in passwords on my iPhone, my Macs, and my PC. And it will do its job well. I sometimes have issues with the Chrome extension, but not enough to make me switch. Update: Nord has released a new Beta extension that doesn't have the same issues I previously had, so now it is even better. It’s also more affordable than others.

All of this research started when LastPass wanted me to pay. I decided the problems I had were not worth just handing over money without researching the competition, so here I am.

You might find yourself liking 1Password because you are only on Apple products, and that’s fine as long as you use something. You might feel the urge to tell me that an open-source, self-hosted, double top-secret product is better, and maybe it is, but for most of us, we need to start somewhere. So start.