Database breach, phishing fraud and new AI tools have made simple passwords passé as a way to protect online accounts—but you still have ways to strengthen your defenses.
First, you need to be proactive with longer, unique passwords and additional layers of protection. A password management app can help, which is much more secure than keeping your login information in Notes or Writing.
Password managers can also store access keys, a more secure method of logging in that is meant to replace passwords entirely. Here’s a quick primer on it all.
Password managers
Apps and web browsers that encrypt all your passwords with one master password have been around for decades, but Apple passwords and Google Password Manager for Android and web browsers are relatively recent – and free. Check for a Password icon on your home screen or ask your virtual assistant to find it. The app requires your PIN or biometric data (fingerprint, eye or face scan) to open.
Keep in mind that having all your passwords on a device that can be stolen—and hacked if someone knows your screen lock PIN—is a security risk in itself. Turn on Apple’s Protection of stolen devices in iOS or Google settings Identity check and others theft protection tools in Android settings for additional protection.
Both Apple and Google apps are intuitive and can automatically generate long, unique passwords when you create or update an account. Apps store passwords (and access keys) in one place and automatically provide your credentials when you log in to a website. The app will alert you if any of your passwords are weak or have been cracked in a security breach. User manuals are at Apple and Google pages.
Google Password Manager works in much the same way Google Accounts on different devices. For non-Android users, cross-platform Google password managers Chrome browser works similarly.
Samsung Galaxy owners have too Samsung Passwhich uses biometric information for this log in to accounts. It works on Samsung products and does not include a password generator, but integrates with Samsung wallet application
But if you want a password manager with its own passwords, document storage, and greater flexibility across devices are available with subscription solutions. Wirecutter, a product review site owned by The New York Times, recommends 1Password ($48 per year) a Bitwarden (20 dollars per year) application.
As passwords have shown their vulnerability, many sites have added two-factor authentication to the login process. These are short numeric codes that are usually sent as a text message to your phone.
If the site supports access keys, it may prompt you to set them the next time you log in. You can also check your account password and security settings for access. The steps to set up the passkey may vary depending on your software and hardware, but the on-screen instructions will guide you.
To prevent hackers from abusing account recovery tools, Google advises leaving two-step verification enabled. Microsoft recommends removing old password recovery methods from account settings.
Many password managers do too save access keys now. Some will even let you know when you can upgrade from password to account access key – which is nice if you’re tired of worrying about passwords.
