Using A Password Manager

A password manager is a quick and easy way to protect your client files and other confidential information.

(Image courtesy of Clio: How To Protect Your Clients From Hackers.)

(Image courtesy of Clio: How To Protect Your Clients From Hackers.)

Initially, the thought of using a password manager seemed like a horrible idea to me. The thought of using an app to store all of my passwords seemed like a disaster waiting to happen. The problem is that a lot of us use password managers, we just don’t realize it. If you use Firefox as a browser or Internet Explorer or any browser that asks if you want to save your password, you are using a password manager. All of your logins and passwords are stored in one spot waiting to be stolen. So, I finally decided to get a password manager and am here to demystify the process for you.

How Password Managers Work

I have over 300 sites that were saved in Firefox with usernames and passwords. We can all agree that it would not be secure for me to use a password like “1234” or “password” on each site. It would obviously be more secure if I used the password “90gjJJBUN&_Hk2#.” The problem with that is that I would have to either remember it or write it down and keep it next to my computer, which would defeat the purpose of having a secure password. Then, if someone finds out that one password and I use that password on every site, they would get the keys to my digital life. So, I would need to have a different random combination like the one above for every one of the 300 sites I have logins for. That would be impossible to remember. That’s where password managers come into play. I downloaded TrueKey by Intel. Here’s how it works.

With a password manager, you download the app on your computer and on your phone. There’s a plugin for your internet browsers. When you open your browser, you log into your password manager with a master password. It uses a couple of different layers of authentication. So, for example, I can set it to log me in only when two factors are met – when I enter my password, and when I log in from a remembered device. You can set it so that it logs in with a password, or a fingerprint or with facial recognition, although the facial recognition login method is not as good as the one on my computer with Windows Hello. Your face has to be just the right distance from the camera and at the right angle. With multi-factor authentication login, even if someone gets my master password, they can’t login to my password manager unless they have my phone, my face, or my finger (in which case I’ve got worse problems than having to change my Amazon password).

capture

When you go to a website, the password manager remembers your passwords and auto fills them in and automatically logs you in where you have a saved password. When you go to a create a new account somewhere, it understands that you are creating an account and prompts you to use the password manager to create a random string of complex characters. You can also go back to your passwords for your existing account and reset those to randomly generated, complex strings of characters. Now all of your passwords can be random strong passwords.

Sponsored

2

If someone hacks your Amazon account and gets your password, one of the first things they’ll do is test it to see if you reuse passwords on other sites. So, if your password for Amazon is “password,” the hacker might go to wellsfargo.com or Citibank.com or any other website with your login credentials, and chances are that you reuse those credentials on at least one other major site.

So Is It Worth It?

One of the most common questions I get is about cybersecurity – which cloud platform is the safest, how do we setup secure remote access, etc. All of these precautions you take to make your online life secure are all for naught if you put up big doors, but leave the keys lying around. A password manager is a quick and easy way to make your online life more secure and to protect your client files and other confidential information.


Sponsored

Jeff Bennion is a solo practitioner at the Law Office of Jeff Bennion. He serves as a member of the Board of Directors of San Diego’s plaintiffs’ trial lawyers association, Consumer Attorneys of San Diego. He is also the Education Chair and Executive Committee member of the State Bar of California’s Law Practice Management and Technology section. He is a member of the Advisory Council and instructor at UCSD’s Litigation Technology Management program. His opinions are his own. Follow him on Twitter here or on Facebook here, or contact him by email at jeff@trial.technology.

CRM Banner