Quotes Icon

Andrew M.

Andrew M.

VP of Operations

"We use TeamPassword for our small non-profit and it's met our needs well."

Get Started

Table Of Contents

    A person holding and about to touch a tablet with a password field and lock hovering above it.

    How to manage passwords securely and easily (2023)

    September 6, 202312 min read

    Password Management

    There’s a lot of conflicting advice about how to manage passwords: 

    • Do you need a password or a passphrase? 

    • Are complex or long passwords better? 

    • Do you really need to change your passwords every three months? 

    • Is two-factor authentication always better? 

    Here’s concise advice on exactly how to manage your passwords safely and securely.

    TeamPassword is the easiest way to manage passwords. Don’t believe us? Sign up for a 14-day free trial today and try for yourself.

    Table of Contents

      7 steps to safely manage passwords

      Password management isn’t difficult conceptually. It’s really a series of intuitive steps that help keep all of your accounts safe. However, some of the individual steps are tedious, and doing better at one sometimes leads to doing worse at another. For example, stronger passwords are harder to remember, leading some people to write them down on sticky notes or using other unsafe password storage systems. 

      Here are seven steps to better password management:

      1. Stop reusing passwords

      2. Check if you’ve been pwned

      3. Change your passwords regularly

      4. Make your passwords hard to crack

        1. Consider passphrases

        2. Employ a password generator

      5. Turn on multi-factor authentication

      6. Store and share your passwords securely

      7. Use a password manager

      Note that, while the first six steps are critical to securely managing your passwords, they can all be accomplished automatically once you follow through on Step 7.

      There’s no bigger cybersecurity mistake than reusing passwords. Unfortunately, despite warnings for more than two decades, people still reuse passwords. 

      It’s totally understandable, too. 

      The average person has 200 accounts. The average password is 12+ characters long and usually gibberish. Trying to remember even one of those passwords is difficult, but 200 is impossible.

      Still, there is no single better cybersecurity tip you can walk away with from this discussion on how to manage passwords than to stop reusing passwords. Step 2 explains why this is the case.

      Have you been pwned? Pwned is the industry term for your password being leaked online, and there’s a friendly tool that matches your email address to all of the leaked password lists found on the dark web. 

      These passwords need to be changed immediately! If you reuse the same password on other accounts (like your bank website or email), then those accounts have been compromised as well. That’s why you never reuse passwords.

      The last thing you want is for your leaked Neopets password to give hackers access to your bank account.

      undefined

      At this point, you’ve basically gone from your company’s cybersecurity weak point to at least neutral. Steps 3 and 4 are really about bringing our password management up to best practices. 

      First, you should be updating your passwords regularly. That’s because even the most secure websites do get hacked. Sometimes those password lists don’t get released for months because it takes hackers that long to decrypt the password information and export it to a plaintext file. 

      By updating your passwords every three months, there’s a good chance that by the time your hacked account is uploaded to the dark web you’ve already changed your password and can safely ignore the security breach. 

      Passwords are usually cracked by two methods, brute force or dictionary attacks. Brute force attacks start at 11111111, then 11111112, and so on until the password is discovered. Basically, it tries every possible password in sequential order.

      Dictionary attacks use a list of commonly used passwords such as “password” or “qwerty”, as well as the derivatives such as “passw0rd” or “QwErTy”. They can also include customized lists that come from social engineering, for example your pet’s name, the street you grew up on, or your birthday. 

      Most cyberattacks start with the standard dictionary attack, move on to social engineering lists, and finish with a brute force attack. 

      The single best way to prevent these attacks is to use a random, strong password that is at least 12 characters long, but the longer, the better. Here are two ways that can help you make your passwords hard to crack.

      1. Consider passphrases

      Passphrases are passwords that come from putting three or four medium to long words together and then mixing in capitalization and special characters, for example “D0g-Baseball-Co1n-Sh3lf!”. Passphrases help manage passwords by making long, secure passwords easier to remember. 

      1. Employ a password generator

      If you can’t come up with 200+ random passwords on your own, then use a password generator. This helps guarantee you won’t fall into lazy patterns of reusing passwords or making them easy to remember. 

      undefined

      Multi-factor authentication (MFA) forces individuals to prove their identity in more than one way, first with a password and then some sort of secondary confirmation. The most common MFA systems are SMS message, email, authentication app, and phone call. 

      Of these methods, authentication apps are the most secure as a separate system only used for authentication. Since phone numbers and email addresses can be compromised, they are not recommended when the option to use an authentication app is available.

      However, even though SMS and email are not preferred MFA systems, they are still better than no second authentication requirement! 

      Store your passwords somewhere safe. The best place to store written backups is in a safe (and definitely not on a sticky note on your computer monitor). The best way to manage passwords online is using a password manager (and definitely not an unsecure Google Sheets list). 

      When it comes to sharing passwords, remember that emails can be compromised, as can text messages, Facebook chats, etc. If your password manager doesn’t have a password sharing function and you really need to share accounts, consider making a phone call and then change the password when your friend/colleague/family member is done using your account.

      The first six steps are how to manage passwords securely. If you want to know how to manage passwords securely and easily, then here it is: use a password manager. Password managers have built in password generators to help you pick strong, random passwords. They store those passwords for you. Password managers also make it easier to change passwords when needed. 

      If you plan to share accounts, then you need a password manager designed for teams. That way accounts can be shared securely, so one team member doesn’t unintentionally leak your account credentials by sharing them via email or leaving them on a sticky note on their laptop.



      How to manage passwords FAQ

      Here are some frequently asked questions about how to manage passwords online.

      Why do you need a strong password?

      Your accounts are only as secure as the passwords chosen. They need to be long and complex to protect your data.

      How do you create a strong password?

      The easiest way to create strong, random passwords is to use a free password generator.

      How often should you change your passwords?

      Recommendations vary, but changing your passwords every three months is generally considered acceptable. 

      Should you use passwords or passphrases?

      Passphrases make it easy to remember longer, and therefore more secure, passwords. If you need to remember your password, passphrases are probably easier. 

      Do you need a password manager?

      Password managers are the most secure way to store passwords. They also make it easier to use a new strong, random password for every account by remembering all of them for you.

      Should you use your browser password manager or a separate one? 

      Browser password managers have two main deficiencies. First, they make it hard to use the same password list across all of your devices. Second, they don’t have password sharing features. 

      For many individual users, these features aren’t necessary. However, for companies where multiple employees share key accounts, separate password managers like TeamPassword bring time-saving features and improved cybersecurity.

      TeamPassword is the best way to manage your passwords

      Managing passwords is usually a six-step process. You use unique passwords for every account, make sure you haven’t been pwned, update the passwords regularly, make sure those passwords are hard to crack, turn on multi-factor authentication, and store and share passwords securely. 

      That’s a lot of work. It also goes against human nature. Difficult to crack passwords are hard to remember, so you need to write them all down—but writing them down violates another step. 

      Here’s the one-step method to better manage your passwords: use a password manager. TeamPassword generates strong, unique passwords for each account, stores them securely, updates the passwords when necessary, and makes it possible to share them with teammates securely.

      TeamPassword is designed to help teams manage passwords. Don’t believe us? Sign up for a 14-day free trial today and try for yourself.





      Enhance your password security

      The best software to generate and have your passwords managed correctly.

      TeamPassword Screenshot
      facebook social icon
      twitter social icon
      linkedin social icon
      Related Posts
      Education administrators working together around a chalkboard

      Business

      October 30, 202413 min read

      Best Education Administration Password Managers: What Schools Need and Why

      The best password manager for education administrators can keep students, teachers, and staff safe from cyber and physical ...

      TeamPassword vs 1Password

      Password Management

      October 30, 202411 min read

      1Password Alternatives for 2024

      Password is often recommended as a password manager tool, but for business and team use, you'll want to ...

      Person typing on a laptop with a sheet program on the screen covered by a masked password field.

      Password Management

      October 24, 20249 min read

      Password Sheet Templates: Keep Track of Your Online Accounts and Subscriptions in 2024

      Are you looking for a password sheet template to use in your business? Download ours for free, but ...

      Never miss an update!

      Subscribe to our blog for more posts like this.

      Promotional image