Cyber-security is an issue that we hear more and more about each and every day. Which major business will get breached this week? Will your username and password become compromised in the process? Today we have to be very intentional about how we store our information, and with technology constantly changing, we need to understand what options we have. Becoming aware of data-breaches and cyber-crime is just the first step in creating a secure lifestyle.
Most of us today use the same password over and over across a wide-variety of websites such as e-mail, social media, bank accounts, Spotify or Netflix accounts, etc. This is a prime target for hackers considering they only have to gain access to just one password, and with that password they now have access to multiple accounts across multiple platforms. All your information is now compromised.
At TFG we understand that life is busy, and it can be incredibly difficult for you to manage all of your accounts at a level that maintains appropriate security. However, just as we strive to make cyber-security one of our highest priorities, we encourage you to do the same.
Your browser has probably asked you this question many times. Maybe you are currently utilizing a browser password manager right now. Firefox, Chrome, and Safari all have options to store your personal passwords right there on the browser. These browsers “auto-fill” the passwords right onto your screen. Sure, this is convenient. But is it safe?
The problem within these types of browser password managers is that, though they can be encrypted, they do not offer a means to generate random, unique passwords for each account. So, you are most likely typing in a password that is not just memorable for you, but has also been used on other sites and accounts you visit – and you have allowed the browser to save these login credentials. These browsers offer a great deal of convenience, but not necessarily a great deal of security, and are vulnerable to more security risks than a third-party password manager.
Sure, I admit it’s easy to use the same password for almost everything. But what isn’t easy is having to deal with all the implications of a hacker gaining access to all of your accounts with just one password. Is there an easier way to login to the sites you use every single day and have more secure passwords?
Thankfully software developers have been working on this very problem, and have created programs called “password managers,” which are specifically designed to make your digital life easier, more efficient, and more secure. So just how are they able to do this?
What Is A Password Manager?
Basically, a password manager is a program that stores all of your information (e-mails, usernames, passwords, PINs, credit or debit-card numbers, and any other information that you wish to be secure) inside of what is known as a digital “vault.”
To gain access to this vault, you will need to have access to the vault’s “master password,” which you usually establish yourself. This is the only password you will need to remember when using a password manager, so make sure that it is secure. Many password managers actually recommend using a “password phrase” instead of a password. Rather than just one word with differing symbols and numbers, a password phrase is a string of words that is difficult to crack but makes sense to you. All you have to do is memorize the phrase and you’re set. All of your information should remain safe and secure in an encrypted vault, while still being available for easy access whenever you need it.
A password manager is not necessarily a fool-proof way to secure passwords though, as no method is one-hundred percent secure. However, it should be more secure than utilizing the same password over and over across a variety of accounts. It should be easier than going through the process of recalling your login credentials for that account you rarely use, and it should be more convenient than dealing with the consequences of your data being breached across all of your accounts.
If the goal is to make your life more efficient and improve your security at the same time, then a password manager may fit the bill.
Making Life – And Death – More Convenient
Did you know that a password manager can be incorporated into your financial plan?
Password managers like Dashlane, 1Password, and LastPass have an “emergency contact” feature. This allows a user to choose a contact who is able to gain access to their credentials in the event of an emergency. As a user, you can elect which passwords get shared to the emergency contact, and with some managers, you can even have multiple emergency contacts.
But what does this have to do with your financial plan?
Almost all complete estate plans involve having a will of some sort. One aspect in the creation of a will is naming someone to be an executor. The job of an executor is to ensure that the testator’s (the person for whom the will was created) last wishes are carried out as planned with regards to the distribution of their assets.
One useful way to incorporate your password manager with your estate plan is to name the executor of your will as one of your emergency contacts. This way the person or people you name will have access to your financial information and any other important accounts – such as social media, email logins, contact lists of family and friends, etc. – in the event of your death, potentially making the handling of your estate easier.
What Else Can A Password Manager Do For Me?
In addition to being able to designate an emergency contact, password managers generally offer a variety of features. Here I will focus on a few of what I believe are some of the more important ones.
- Safer Passwords: One of the most important features that a password manager offers is the creation of a password with 16 or more characters. This type of randomly generated password is more secure than, say, “password1234,” and you will not have to memorize it either. You try guessing ia%sT4f8ml$acnW1tB9i!
- Increased Efficiency in Your Life: One of the more highlighted features of password managers is their ability to auto-fill stored credentials into each site so that you don’t have to copy and paste or memorize passwords. Most of them can also automatically fill in personal data on web forms, such as first and last name, email address, phone number, and even credit card information.
- Shared-Folders: Many password managers offer the feature where you are able to upload credentials into a shared folder. If you are on a “team” or “family” plan with the password manager program, you are able to select other users to gain access to the credentials that they may need.
- Security Reports: Many password managers offer an important feature in which reports are generated that highlight how secure your passwords are based on a predetermined score. They are also able to notify the users if there are passwords that have been repeated across two or more accounts.
So How Do I Choose One?
There are several password managers available today, and it is important to evaluate the type of program you want to use, your specific needs, and the costs, if any, you are willing to incur. When evaluating a password manager, some of the features you may want to consider are:
- What devices is this program compatible with? (Android, iPhone, Mac, Windows, etc.)
- Can I use this on an unlimited number of devices?
- Does it include unlimited password storage?
- Does it auto-generate random passwords composed of more than 16 characters?
- Does it offer 2-Factor Authentication when logging into your password manager account, or allow for finger-print or face ID to login on your smartphone?
- Can I auto-sync my account across several devices using a cloud service?
- Does it backup my information in case I need to restore my account?
- Does it analyze the security of my existing passwords and create reports for me?
- Does it report on whether there are any data breaches with any sites I use?
- Can you share all or some passwords with a designated person/family member?
- Can you designate one or more emergency contacts to have access to your account if needed?
- Does it have business capabilities allowing sharing of all or some passwords among members of a team?
- Can you import or export passwords from another password manager, or from a browser or spreadsheet, or do you have to manually enter each one?
- Is the company reputable?
- How long has it been around, and how well has it been reviewed?
- Does it utilize AES-256 encryption?
Which One Should I Use?
As I mentioned earlier, LastPass, Dashlane, and 1Password are just a few, along with Keeper Security, Zoho Vault, Sticky Password, and others. Some are free with limited capabilities and some have paid versions that come with a number of features, including team versions that can be utilized for business needs.
I have randomly chosen a few programs to compare here (TFG does not endorse or recommend any specific service or company)* but an internet search for “password manager” or “password generator” will reveal other options available, as well as detailed reviews.
1Password – Offers a 30-day free trial where at the end you can pay $3 a month for your account, or even $5 a month for a family account that can support up to 5 users. 1Password’s “travel mode,” allows you to remove all but a certain subset of your passwords from any vault accessible by any device traveling with you. This prevents anyone from having access to your complete password vault.
LastPass – Offers many of the mainstream password manager features at one of the more competitive pricings out there. LastPass offers a browser “plug-in” in its free and paid versions in which you are able to use syncing and the important 2-Factor Authentication feature. If you want to go premium and add priority tech support and password sharing, it will run you about $2 a month ($24 a year).
Dashlane – Also has a free version similar to LastPass and provides essentially the same features. However, to enact mobile syncing and 2-Factor Authentication, you will need Dashlane’s premium version which will cost you around $3.33 a month ($40 a year).
Generally, the features of each of these programs don’t differ too much at all. It eventually just becomes a question of how much you are willing to spend and the usability each manager provides. It will largely depend on your personal preference.
The good news is that most password managers not only have a free version (usually with limited capabilities versus the premium versions), but also often offer a free trial of each manager’s premium version.
Each of the password managers reviewed above offers what is considered by the tech world to be strong encryption security, using AES-256 encryption – which is basically a fancy way to say it offers the same security that the federal government uses to protect its classified information.
In The End, What Really Matters?
It’s an unfortunate reality that many individuals today are using the same password across each of their accounts, but you don’t have to be one of them. The subscription for a password manager may be a small price to pay today in order to potentially avoid the frustration and possible financial disaster that can come with somebody gaining access to all of your information.
Whether you use a password manager or some other method, being proactive to devise a secure way to protect your accounts from hackers, as well as providing a secure way to pass on your account information in the event of an emergency or death, will go a long way towards your peace of mind.
Tull Financial Group is a fee-only advisory firm and a proud member of NAPFA (National Association of Personal Financial Advisors). The team at TFG is committed to providing the best wealth management and retirement planning services by creating and maintaining relationships that go beyond your bank account so that we can help you achieve your financial goals.
*This information is for illustrative and informative purposes only. Tull Financial Group does not endorse or recommend any specific service or company. Clicking on any links contained in this blog may lead you away from TFG’s website. These web sites are not affiliated with nor monitored by Tull Financial Group, Inc. Third party websites linked to TFG’s site are for informational purposes only, and are not to be construed as endorsements, tax, legal, or investment advice.
This blog article is provided for general information only, and nothing contained in the material constitutes a recommendation for purchase or sale of any security, or investment advisory services. Reproduction of this material is prohibited, and all rights are reserved. Read the full Disclosure.