There’s a cartoon making the rounds on social media; a surgeon prepares to do brain surgery on a patient. He says to his colleagues in the operating room, “We have to relieve pressure on his skull. So I’m going to go in and remove about two dozen passwords.” Haven’t many of us felt that pressure of too many passwords floating around in our brains?

How many passwords do you have? Dashlane, a password manager company, has data showing many folks maintain 200-plus accounts requiring passwords. That number seems extraordinary, doesn’t it? Start counting your accounts: email(s), social media accounts, banking and other financial accounts, The Times Record and other newspapers, companies you do business with online, the library, Zoom and/or Skype, game apps, cloud accounts like Dropbox and so on. When we start to list our accounts, the number of passwords goes up rapidly.

Breaches of major companies’ data are all too frequent. It seems we read about one once a month. Because our passwords are stored in various companies’ databases, our security and privacy are at risk. What to do?

Fortunately, cyber experts have some very good advice related to making our passwords more secure.

1) Do not reuse passwords across accounts. Why? Once having breached a company’s database, hackers simply go looking for the passwords in other places.

2) Create passwords that are not easy to figure out. Our pets’ names, birthdays and hometown sports team names are all too easy to decipher. Go for length and multiple characters. Here’s an interesting statistic: “96% of passwords related to cyber attacks use fewer than ten characters and 76% use fewer than six.” Here’s another interesting tidbit — the most popular password in the world is 123456. If you are using these numbers, change your password immediately! To reiterate, we need to create passwords with more than ten random characters in length.

3) If you have an iPhone/iPad or an Android you can check to see if you have any compromised passwords. On an Apple device, go to Settings and scroll down to Passwords. Once you tap on Passwords, you will see Security Recommendations. Tap on that item and make sure Detect Compromised Passwords is turned on. If you have a problem, it will be listed in this section.

Android users and anyone who uses Google can check for unreliable passwords by doing the following:

• • Open your Google account — you’ll find the option in the nine dots in a square in the upper right-hand corner of your screen when you open Google.
  • Click or tap on Security in the left-hand menu.
  • Click or tap on “You have security recommendations.”
  • You should see the choice of “Check Passwords.” Click or tap.

Google may ask you to verify your account which adds additional steps. Just follow their directions.

4) Many internet companies now offer the choice of two-factor authentication. When you sign onto their website, you have to enter a code sent to you by text. With both Apple and Google, you need to set up this feature in Settings.

5) Many experts now recommend using a Password Manager app. The app will let you know if there is a problem. A variety of password managers are available. We will share some expert opinions later in the article.

If you would like more details about these recommendations, read “The ultimate guide to secure passwords” by Tatum Hunter in the Dec. 16, 2021 issue of the Washington Post. (tinyurl.com/y6vayjeb) It was the major source for these suggestions.

Let’s look at password managers in more detail. What exactly is a password manager? “Malwarebytes Labs defines a password manager as a software application designed to store and manage online credentials. It also generates passwords. Usually, these passwords are stored in an encrypted database and locked behind a master password.” (https://www.malwarebytes.com/what-is-password-manager)

What are the best ones to use? That’s a great question, and it depends on exactly what you want the app to do, how much you want to pay, and whether or not you want it for personal or business use. Below are recommendations from several digital experts.

PC Magazine gives two apps a 4.5 out of 5 point rating.

1. Keeper Password Manager & Digital Vault
2. Zoho Vault — they have a free plan for individuals

WireCutter in the New York Times highly recommends these two.

1. Password — it works on most devices and is $36 a year.
2. Bitwarden — it’s free but doesn’t have a password strength check.

CNET

1. Bitwarden — they think it’s the best free password manager.
2. LastPass — in their opinion, the best-paid for app.
3. Password — best-paid for app that will work with multiple platforms (Windows, iOS, etc.)

Obviously, anyone considering using a password manager should do research based on their needs. Here are some things to consider:

1. Budget — do you want to pay for the app, or do you want a free one?
2. Which devices are you going to use it with? Are they compatible with the password manager you are considering?
3. Which platforms do you use? For example, if you have an iPhone and use a PC computer, will the password manager work on both platforms?
4. How many passwords do you need to store? Is there a limit to the number the app will handle?
5. Who will you trust with the password manager password if you become unable to manage your digital life? Make this decision before anything happens.
6. Apple, Google, and other browsers also offer to create a password for you. Are they reliable?

Here is some information we turned up by doing a little research:

Apple: “Apple uses end-to-end 256-bit AES encryption to protect your data. They don’t know the passcode you use, so they can’t access your data, and that means if someone was able to hack into iCloud, they couldn’t access your data either.” Of course, if you forget the passcode to get into your iPhone, you will have a problem.

Google and other browsers: The All Things Secured website offers these opinions about browser password generation:

1. The browsers’ primary function is not password management, therefore it’s not their strongest feature.
2. The browsers can be breached.
3. Passwords may not be particularly strong.

There are arguments against using a password manager. Some are spelled out in an article on the Open Business Council website, “Why You Shouldn’t Use a Password Manager.” (tinyurl.com/37vf5z9u) Here are some things to think about as you make your decision:

1. What happens if you forget or lose your master password?
2. Many older devices are not secure. Should a key logger virus have infected your device, a hacker would be able to record the keystrokes you use to access your password manager.
3. Not all password managers work on all devices and browsers. In other words, it might work when you are using Google Chrome, but not Safari.
4. What happens if the password manager app goes off-line for a while because of an equipment malfunction? How will you access the accounts you need to get to right then?
5. Evidently, all password managers are not of equal quality, and service may vary. Do your research.
6. Remember, it’s not impossible for a password manager company’s database to be breached.
7. This idea is one of my favorites: it’s good to keep aging brains working by memorizing new information.

How you manage your password is really a personal decision. What works for your brother-in-law or friend may not be the best solution for yourself. For some, control is all-important, while others have a strong sense of personal privacy. These folks may devise a plan for storing passwords in an email or the Notes app or somewhere else on one of their devices. They should consider the security issues related to their plan. Emails are not always private, and a lost phone without a passcode is the gateway to a lot of personal information. Just a side note, the Notes app does have a password-protected lock feature — of course, you have to remember the password for it!

Others, value an efficient, no-nonsense approach to passwords, and a password manager is just the ticket for them.

Whatever your decision, change any passwords that are too easy to guess, check for compromised passwords on your Apple devices and Google (Android) accounts, and research any password managers you are considering.

The BoomerTECH Adventures website has several blog posts related to security, passwords, and privacy you might find useful. Here’s a link for online readers: tinyurl.com/27swc9bt; and for those reading the paper edition, do a search on the BTA website using the keyword security.

BoomerTECH Adventures (boomertechadventures.com) provides expert guidance and resources to help Boomers and older adults develop competence and confidence using their Apple devices. Boomers themselves, BoomerTECH Adventures rely on their skills as educators to create experiences that meet individual needs through videos, Zoom presentations, tech tips, and timely blog posts.

Copy the Story Link