Password managers are good.
Without a password manager, you either end up using the same or similar passwords everywhere—making it easy to compromise multiple accounts once someone figures out a password—or storing passwords in an insecure manner.
Most web browsers now offer to remember passwords. This is a good start, but it brings about two challenges:
- What if you want your passwords somewhere else? Some systems will syncronise login info, but that requires you to use the same browser on all your devices.
- Often, there's nothing preventing someone from logging in with your saved password if they borrow your device, since the browser doesn't suggest using a master password to unlock the saved passwords. This also means nefarious software could get access to your saved passwords.
This is where a third-party password manager can save the day. They use plugins so that your passwords are accessible in every browser and on every device you might use.
I’ve used several over the years with a partial goal of knowing what's out there, and my personal favourite is Bitwarden.
- Free — with additional paid features, but I don’t use them and I doubt you’d need them either.
- Verifiably secure and trustworthy — their system both will not and cannot allow anyone/thing to see the saved passwords without unlocking with a master password, and they get things audited by an independent third party.
- Works on just about any platform you might be using.
- Passwords are synchronised with a central server (in encrypted form), so when you add/update a password on one device, it’s accessible everywhere else as well.
So if you were to give one a try, I’d start with that one!