HardBlock aims to help users become self-sovereign bitcoiners. One way we’ll do this is with actionable tips to improve your privacy and security. Most think they are too far gone, but it’s important to not let “perfect” be the enemy of “good” – self-sovereignty is an incremental process; make the shift gradually!
We’re focusing on password management in this article.
Why should you use a password manager to generate and store your passwords?
To put it simply: humans are a terrible source of entropy (i.e., randomness) and our memory is fallible!
This means we often re-use passwords (or even parts of passwords), which makes us vulnerable if an attacker discovers that information. Seeing as passwords are frequently leaked in data breaches, this risk cannot be overstated! For example, check out Have I Been Pwned to see if any of your old passwords have been leaked.
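How a breached-password lookup like the Have I Been Pwned one can work without the password ever leaving your device, as an added example (not code from HardBlock or Have I Been Pwned): only the first five characters of the password's SHA-1 hash are sent, and the match is done locally. The range response below is constructed offline with made-up counts, and the function names are hypothetical.

```python
import hashlib

def split_hash(password: str) -> tuple[str, str]:
    """Return (5-char prefix, 35-char suffix) of the uppercase SHA-1 hex digest.

    SHA-1 is used only because the range lookup is indexed by it.
    """
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]

def breach_count(password: str, range_body: str) -> int:
    """Match the suffix locally against 'SUFFIX:COUNT' lines for our prefix."""
    _, suffix = split_hash(password)
    for line in range_body.splitlines():
        candidate, sep, count = line.strip().partition(":")
        if sep and candidate.upper() == suffix:
            return int(count)  # padding entries carry a count of 0
    return 0

def constructed_range_response(leaked: dict[str, int], prefix: str) -> str:
    """Stand-in for the service's reply: every known suffix under `prefix`."""
    lines = ["0" * 35 + ":0"]  # constructed padding entry, matches nothing real
    for pw, count in leaked.items():
        p, s = split_hash(pw)
        if p == prefix:
            lines.append(f"{s}:{count}")
    return "\r\n".join(lines)

if __name__ == "__main__":
    sample_leak = {"password123": 1200, "hunter2": 17}  # constructed counts
    for pw in ("password123", "hunter2", "kX7#vQ2m!Lr9pZ4w"):
        prefix, _ = split_hash(pw)
        # A real client would request only `prefix` from the range endpoint.
        body = constructed_range_response(sample_leak, prefix)
        print(f"{pw!r}: prefix sent={prefix}, seen {breach_count(pw, body)} times")
```

Any non-zero count means the password has appeared in a breach and should be replaced with a freshly generated one.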
The other issue is that we often forget passwords, and resetting them can be inconvenient and time-consuming. Plus, each time we reset forgotten credentials, we’re more likely to choose one of our less secure commonly-repeated passwords!
How will a password manager help?
When using a password manager, you can generate unique and strong passwords for every website you use, and you remove the chance of later forgetting the password. If you took our advice in the recent How to Upgrade Your Email Privacy article and are now using private email aliases to log in to websites, then using a password manager will simplify that process significantly too.
Which password manager should you use?
While there are numerous password management options, we tend to prefer Bitwarden. This is because Bitwarden is: open source (so their code and claims are verifiable); zero-knowledge end-to-end encrypted (so your sensitive data is protected, even from Bitwarden); available on most browsers and devices; accessible in both online and offline options (including a self-hosting option for advanced users); and free to use (with additional features available for a reasonable fee).
How can you transition to a password manager?
Remember to not let “perfect” be the enemy of “good” when it comes to your privacy and security. Changing to a password manager may seem long-winded, but if you make it a gradual process (e.g., adding just one login credential per day to your password manager), then it can be relatively painless and you’ll quickly start benefiting from the added convenience and security!
It's important that you back up your password manager master password, as you will not be able to restore it if you forget it. Treat it as if it were your bitcoin mnemonic seed phrase - that is, store it physically, maybe in steel, and possibly in more than one location! Similarly, if you set up your password manager with two-factor authentication (2FA) for added security, then be sure to back up your 2FA recovery code too (and ideally keep it separate from the backup of your master password!).
Please note that we are not paid to advertise any of the above products or services – they are just our suggestions based on our own research.