Get Started with Password Management
Bryan Ossa CSM, PMP, L6S
Streamlining Strategy, Technology, and Operations for Professional Service & SaaS Companies
Good Morning?
It is a typical Monday morning. You log on to your computer only to realize that you're locked out of your email. It frustrates you, but you go to reset your account only to find that your information looks different. "Hrm, that's strange," you think to yourself as you brush it off as a future-you problem. You try to log in to your CRM. The same thing happens. This time, you start panicking. It couldn't be a fluke, right? You then remember that you have a backup email for scenarios just like these. Guess what? You're locked out of that too...
Just then, you get a strange email to your personal account:
"I have hijacked your accounts. You can have them back... in exchange for $10,000."
If only you hadn't used the same password for everything.
Sadly, scenarios like these happen. Daily.
Since 2018, the cost of damages has grown from $8 billion to $20 billion in 2021, with an expectation to exceed $265 billion by 2031 (source).
The risk is growing and those who reuse passwords or use Out-of-the-Box tools like Google and Apple expose themselves to potential risks.
If you are one of those who fall in this category, you need to stop. Today.
There are so many better, more secure, and more scalable alternatives.
The best part is that they're significantly less expensive than $10,000.
Picking a Password Manager
Here's the hardest part - choosing your tool. Well, it used to be. It couldn't be more straightforward now!
Get 1Password. It is simple, effective, and incredibly secure. Don't believe me? Google it ;)
Does the price still scare you? Well, it shouldn't but let's assume it does. Bitwarden is a perfectly viable freemium solution.
While I'd strongly advocate for 1Password for business cases, Bitwarden can get the job done for personal accounts, if you need it.
Hooray - you have a new PW management tool. Now, let's do the thing you've been dreading for years... changing your passwords. Yes, all of them!
Setting a Master Password
Let's start with your Master Password. This is the one that you WANT to remember because it is what will get you into your password manager.
I strongly recommend creating a strong, memorable password. Ideally, this follows a structure that works for you. I remember the greatest recommendation I ever received from Pedro Villa several years ago:
"Craft your password like this: Pick an adjective, pick a verb, pick a special character, pick 2 numbers (random numbers), pick another special character, and put it all together. Boom - there's your password!"
You can create something like:
eternallyHELPING/45<
What I love about this approach is that it is almost unbreakable. There are so many combinations in this setup that you can share the strategy without a big security risk.
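An added example (not part of the original article) that follows the structure quoted above: each part is picked with Python's `secrets` module, and `search_space_bits` reports how many passwords the structure can produce when the strategy and word lists are known. The short word lists and the function names are constructed for illustration; the strength figure depends on the size of the lists and on every part being chosen at random rather than by preference.

```python
import math
import re
import secrets
import string

# Constructed placeholder lists (assumption): use lists with thousands of
# entries in practice, since list size drives the strength figure below.
FIRST_WORDS = ["eternally", "quietly", "boldly", "gently", "rarely", "warmly"]
SECOND_WORDS = ["helping", "building", "reading", "hiking", "baking", "sailing"]
SPECIALS = string.punctuation  # 32 ASCII punctuation characters


def generate_master_password(first_words=FIRST_WORDS, second_words=SECOND_WORDS,
                             specials=SPECIALS):
    """Build word + WORD + special + two digits + special, all chosen by a CSPRNG."""
    first = secrets.choice(first_words).lower()
    second = secrets.choice(second_words).upper()
    digits = f"{secrets.randbelow(100):02d}"  # 00-99, uniformly random
    return first + second + secrets.choice(specials) + digits + secrets.choice(specials)


def search_space_bits(n_first, n_second, n_specials=len(SPECIALS)):
    """log2 of the number of passwords the structure can produce.

    Assumes the structure and the word lists are known to whoever is guessing,
    which is the situation when the strategy itself is shared.
    """
    combos = n_first * n_second * n_specials * 100 * n_specials
    return math.log2(combos)


def matches_structure(password):
    """True if the password has the lower/UPPER/special/2 digits/special shape."""
    punct = re.escape(string.punctuation)
    return re.fullmatch(rf"[a-z]+[A-Z]+[{punct}]\d\d[{punct}]", password) is not None


if __name__ == "__main__":
    print(generate_master_password())
    for size in (len(FIRST_WORDS), 2048, 20000):
        print(f"{size:>6} words per list -> {search_space_bits(size, size):.1f} bits")
```

Running it shows how quickly the bit count grows with list size: words picked from a handful of favourites contribute far less than words drawn at random from a large list.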
Time to put the cherry on top. Set up Multi-Factor Authentication. Personally, I use Authy but there are a ton of viable options available.
Migrating Your Other Passwords
Now that your Master PW is set, you can move the rest of your logins over! I know, you're delighted - it is just SO much fun!
Joking aside, this really is the perfect time to reset. There are so many valuable advantages to this approach:
Creating a Naming Convention
Now that you're getting your accounts updated and secure, it is the perfect time to introduce naming conventions! This will make it so much easier to find logins, especially if you are managing client systems too.
Here are a couple of examples that you can use:
For Personal Logins
Personal | SOFTWARE_NAME | SOFTWARE_TYPE
Personal | LinkedIn | Social Media or Personal | US Bank | Finance
For Business Logins
CLIENT_NAME | SOFTWARE_NAME | SOFTWARE_TYPE
RPMO | HubSpot | CRM & Automation or RPMO | Shopify | Commerce
A Natural Folder Structure
You know what else is great about creating naming conventions like this?
You build a natural folder structure! This will further enhance your organization in every way.
This is ideal for both personal and professional environments, since it will give you the flexibility to organize and share logins smoothly and effectively.
And, if you ever need to share a login with someone as a one-off, you can easily change account passwords and share the temporary logins with tools like One Time Secret or PrivateBin.
Simplify It
More and more companies are introducing the option of SSO (Single Sign On) into their applications. This is a great resource that you can take advantage of to simplify your life.
However, if you take advantage of it, you should ALWAYS set up a recovery password that you save to your password manager.
It is also a good idea to download, encrypt, password-protect, and store your password vault. This will enable you to recover accounts quickly in case your password manager is ever jeopardized.