Cleanse

Day Twelve: Password Protection

A gold key fitted into a lock.
Better keep those locks and keys under lock and key... (Credit: PNGall.com)

Up Next: Secure All Accounts!

The big ticket items on your Data Roadmap should be looking pretty good by now. You have replaced your email and chat with secure channels, you're moving your contacts into secure storage, you've got your social media backups started and are exiting to better climes. Well done, you!

That said, there's still a lot left on your list. Your doctor's web portal, your kids' kindergarten sign-in, gas and electric and internet bills, plus that place you bought a gift from six years ago that won't stop emailing you. Over the next few days we are going to get your accounts in order. Some of them, you'll close for good. Others, you'll keep but transition over to smarter and more secure settings.

In the coming days you'll set up a password manager and a credit card masking account. Then you'll go through and systematically delete all the accounts you don't need (labeled LOSE in your Data Roadmap). For the ones you'll KEEP, you'll change your email address to a mask, change your password to something secure that you'll store in your new password manager, and swap in a credit card mask as well.

We will take this one step at a time, though. And we'll keep it light: I know you're already behind on downloading your Gmail and deleting your SnapTweets. Fortunately, you already have the first ingredient you need: email masks. But you'll need a password manager and credit card number mask before we can switch over these accounts.

Today's effort: getting a password manager set up.

Open Sesame!

Most people have one or two passwords they use for everything. This is a bad idea. Passwords (with username combinations) occasionally get swiped when places get hacked. If you're giving out your Gmail address with your name in it and the same password you use for Gmail every time ... let's just say that's a ticking time bomb.

Or perhaps you write your password down on a sticky note on your laptop (this is also a bad idea).

Enter the password manager. Good password managers do a series of things for you:

  • They store your usernames and passwords for each site you log into, and autopopulate those login fields when you return
  • They will help you make up random strings of alphanumeric characters for each password, so it's unique and unguessable
  • They come as extensions for your browsers as well as on your mobile devices
  • You can access them in some way so that you can look over which logins you've saved and what those passwords are.

Some password managers go above and beyond and provide services like the following:

  • Spoof login names
  • A shared "vault" or password management system for family members
  • The chance to scan lists of stolen usernames and passwords to see if there's a match

You usually have to pay for these premium features, but they can be worth it for the peace of mind.

What are my options?

Most web browsers have a built-in password manager. Firefox or DuckDuckGo, for instance, will make up random passwords for you and store them, so you can access your login info at any time from the main menu.

You can use this. There is no rule against it. It works fine and it handles the basics. In general, though, remember my whole "not all the eggs in one basket" rule? It's usually a good idea to spread your traces around. 

Especially for something like a password vault, I'd personally want that to be like an additional Fort Knox for built-in resilience. You know, with additional two-factor authentication. That way if someone manages to figure out your password and log into your browser sync account looking for your general passwords, you can be all, "Sorry Mario, but your Princess is in another castle!"

Additionally, browser password managers tend to be tailored to one individual, but you might consider a family plan if you share accounts with anyone on a regular basis. For one thing, you might need this to ensure the kids' logins on their own devices are secure (I can't imagine they choose good passwords).

You'll also need this if you share household expenses with someone. For instance, if you and your partner need to both log in to pay the bill for electric charges, with a shared vault you'll both have access to the same passwords to do so. This is especially helpful to consider if something goes wrong--if you are incapacitated, or your partner passes away, you'll need access to those joint accounts!

That said, you need an extremely trusted third party service for this. Here are some options you could consider. All of them offer free trials so you can give them a whirl:

  • Proton Mail also provides ProtonPass, a password manager, to those who have signed up for Proton Mail. It provides immediate aliases (through SimpleLogin, their partner). You can upgrade to one of several plans (individual plan is $2.99/month, the family plan is $4.99/month, or pay something like $10/month for all of Proton's services). A plugin or extension sits in your browser and helpfully stores passwords or completes login fields upon request. Simply install from here and get started.
  • A friend of mine with three busy kids swears by 1Password. For $4.99/month they provide a family plan that allows you to have shared vaults for safe storage. You can also make up usernames and passwords on the spot. They offer to scan "Have I Been Pwned" for you to see if your prior login usernames or passwords have been breached or stolen.
  • Bitwarden is a favorite among open source aficionados. It has all the same bells and whistles and low rates. It's based in Santa Barbara, CA, and its family plan price is $40/month, with a free single user option and a "premium" plan for $1/month.
  • Nordpass has a highly rated password manager that's especially good for Windows users. It's a little less expensive: it has family ($2.79/month) and individual ($1.49/month) plan options as well as a free version. I've used their VPN services before and they have a reputation for being strong and secure. Nordpass is based in Lithuania and benefits from EU privacy protection, the GDPR.
  • The most famous of the password managers is LastPass, used by millions of people. But they are also the most fraught and have suffered massive security breaches between 2022 and 2024, including hacks that lost people millions of dollars in their crypto-wallets. Use at your own risk.

Sign Up and Get Set Up

Check these options out and settle on at least one that you'll take with you moving forward. Since we're going to change your logins, you'll need something like this that is up to date and accessible. Each one makes it easy to sign up and start an account.

Next, install the corresponding plug-in or extension for your web browser (ProtonPass, 1Password, Bitwarden, Nordpass, LastPass). This will ensure your new password manager can autopopulate login fields on websites and store your input on those sites as well.

Speaking of accessible, make sure you also grab their on-the-go mobile apps: ProtonPass (iOS and Android), 1Password (iOS and Android), Bitwarden (iOS and Android), NordPass (iOS and Android) and LastPass (iOS and Android).

You can also export your existing saved passwords and logins from your current browser (Firefox, Chrome, Edge, Safari) and import them into one of these systems (ProtonPass, 1Password, Bitwarden, Nordpass, LastPass).

Please note that the file will save as a *.CSV--a basic spreadsheet, unencrypted!! Make sure it's not saved anywhere on your drive that will "sync" to another service (e.g. Dropbox, iCloud, OneDrive), and delete the heck out of it after you're done transferring (empty Trash afterward, etc.).
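While that export file exists, it can do one useful job before you delete it. This is an added example, not part of the original post: a short Python script that flags an export sitting in a synced folder and lists which logins share a password, without ever printing the passwords. It assumes the CSV has `url`, `username` and `password` columns; the sync folder names are assumed defaults, and the sample rows and file path are constructed.

```python
import csv
import io
from collections import defaultdict
from pathlib import PurePath
from urllib.parse import urlsplit

# Default folder names of common sync clients (assumed; adjust to your setup).
SYNC_MARKERS = ("dropbox", "onedrive", "icloud", "mobile documents", "google drive")

# Constructed sample rows standing in for a browser export (url/username/password).
SAMPLE_EXPORT = """url,username,password
https://mail.example.com/login,pat@example.com,Sunshine1
https://shop.example.net/account,pat@example.com,Sunshine1
https://power.example.org/billing,pat,Sunshine1
https://clinic.example.org/portal,pat@example.com,k7#Vq2!xLr9p
https://school.example.edu/signin,pat,Winter2019
https://forum.example.com/,pat_k,Winter2019
"""


def in_synced_folder(path: str) -> bool:
    """True if any directory in the path looks like a cloud-synced folder."""
    folders = PurePath(path.replace("\\", "/")).parts[:-1]
    return any(folder.lower().startswith(SYNC_MARKERS) for folder in folders)


def reused_passwords(csv_text: str) -> list[list[str]]:
    """Group logins that share a password; the passwords are never returned."""
    logins_by_password = defaultdict(set)
    for row in csv.DictReader(io.StringIO(csv_text)):
        password = row.get("password") or ""
        url = row.get("url") or ""
        host = urlsplit(url).hostname or url or "?"
        if password:
            logins_by_password[password].add(f"{host} ({row.get('username') or ''})")
    groups = [sorted(g) for g in logins_by_password.values() if len(g) > 1]
    return sorted(groups, key=lambda g: (-len(g), g))


if __name__ == "__main__":
    export_path = "/Users/pat/Dropbox/passwords.csv"  # hypothetical location
    if in_synced_folder(export_path):
        print(f"Move {export_path} out of the synced folder before going further")
    for group in reused_passwords(SAMPLE_EXPORT):
        print(f"{len(group)} logins share one password:", ", ".join(group))
```

The groups it reports are the accounts to give fresh, unique passwords first once your password manager is set up.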

 

And that's it! Enjoy your new level of security as you continue transferring your Gmail and deleting your social media. You deserve it!