A Better Password Problem – Premium

Several weeks ago, I was trying to login to the Hilton app on my phone and could not remember the password. I knew the password was saved in Chrome but trying to guess what it was, I locked my account after too many failed attempts and had to reset the password which means that I had to re-enter it in Chrome as well.

This is a mild inconvenience but with every single service seemingly compromised each day and I know that I reuse passwords across different services; it was time to finally get serious about changing my workflow.

There are many options out there for password management, you can use Chrome to save everything, LastPass is a good option but I ended up choosing 1Password after it was highly recommended from a significant number of people.

Why a password manager? It’s quite simple, instead of remembering 600 different passwords for every service that you utilize, you remember one and let the password manager remember the rest. The challenge is that you have to get away from letting the browser do the ‘remembering’ and instead let the app do it for you.

This isn’t easy because it’s significantly easier to double click inside a login prompt, select the account, and have it login. At least, that’s how it used to be, but modern password managers have made it significantly easier to use these services and it’s about time everyone seriously considers switching.

Previously, I had been toying with LastPass which is a great alternative to 1Password but it’s up to you to decide which service fits your needs better. The primary benefit of LastPass is that it has a free offering, 1Password is a premium service but if there is anything you should be willing to pay for, it’s a company who is storing all your passwords; pricing for 1Password varies on how you pay for it but it can be as little as $3 a month if you pay annually.

The biggest benefit of using a password manager, especially with a mobile app, is that you can now seamlessly login to apps on your phone and the desktop by logging into the password manager. If you are using iOS 12, Apple now lets password managers inject your login info into the keyboard so you don’t even have to open the app; it’s all quite literally at your fingertips (image on the left).

But this isn’t unique to 1Password and even Apple’s own Keychain can use this. The point is that these solutions bridge the gap between desktop and mobile better than any browser can with the added benefit of keeping you more secure.

The best part of these services is that they can now replace the login prompts inside of your browser as well (image right); most solutions now let you click inside a login prompt and access logins for that site via a browser extension. It wasn’t too long ago that this feature was not available and it has removed the final friction point for me that kept forcing me back to the browser storing the content.

Further, 1Password integrates with haveIbeenpwned.com, a service that catalogs compromised databases and alerts you if any of you credentials have been stolen; I had several and was able to quickly update them following this discovery.

Both LastPass and 1Password allow you to migrate data between the services which is something you will want to explore. What I was able to do was export all my saved sites and passwords from Chrome/LastPass to 1Password and then shut off the ability for Chrome to remember any site or password. Once you import your data, using a password manager is nearly as frictionless as having the browser store it but with added portability of using any browser that you prefer.

And this was one of the big selling points. It was my lack-of password management that kept me coming back to Chrome but now that I am fully invested in a password manager, I can switch browser instantly without the fear of not being able to login to my favorite sites; in a weird way, it’s quite liberating.

But using a password manager takes time, you have to get into the workflow of saving your logins to the service each time you create a new account. That being said, once you do save it, you never have to worry about remembering it again which means you can make stronger passwords that are significantly harder to crack and it makes it easier to use unique passwords on different sites.

I have been using 1Password for about two months now and it has made my browsing and mobile experiences significantly better. For some reason, Chrome was very slow to sync passwords to its mobile app and I didn’t use Edge enough to have my latest sites but with a password manager, it really doesn’t matter anymore as they do a better job of managing this process.

The obvious shortcoming with a password manager is that if someone does get access to your account, they can login to anything that you have saved which is why it’s important to look at all the solutions carefully before investing in a service. That being said, all popular solutions have multiple layers of security and encryption that makes them are more secure than saving them to your browser.

While playing around with these solutions, it became somewhat obvious that Microsoft should be playing in this space as well. Even though Windows 10 does have some baked in features, it comes-up significantly short of what third-parties offer and this is definitely a service where Microsoft could add value to its existing products; not to mention they could charge annually for it too.

If you have never tried a password manager before, you should do some research and give one a shot. While it takes a little bit of time to get set up, once you do, you will spend less time hitting the ‘forgot my password’ button.