Let’s just call a spade a spade: passwords are among the most irritating things about living in the digital age. Trying to remember even one or two passwords—let alone a different password for every device, site, and service that you use, as is usually recommended—can be a real test for the more forgetful among us. But passwords are also essential. Often, they are the one safeguard protecting your computer, your social media accounts, your email inbox, or your online banking page—to name a few—from everyone else on the web.
With all of this in mind, we’ve put together a basic guide to help you deal with passwords in your day-to-day life. What goes into a strong password, what are good password habits to adopt, what is a password manager, and why should you be using one? Read on to learn the answers to all of these questions!
Choosing Strong Passwords
Perhaps the most important thing to remember about passwords is that some passwords are good, and some passwords are bad. Most people select bad passwords—or have good passwords, but use them over and over again, thereby essentially rendering them as bad passwords.
The good news is that choosing a good password for your next online account really isn’t difficult. Stronger passwords are usually longer, use a mix of letters and numbers, use a mix of upper and lowercase letters, or use symbols. Good passwords often also include willful misspellings or shortenings of words or phrases, because those are almost impossible to guess out of the blue.
Finally, don’t use anything too obvious: things you put out there on the Internet for all to see (like your name/initials or birth date, your favorite movie or song, or a pet’s name) make for bad passwords or even parts of passwords because someone who knows you can guess them. The exception is if you use these items, but misspell them, abbreviate them, or replace letters with numbers and symbols. Otherwise, shoot for something obscure or completely random as your password—and even then, add numbers and symbols to make it less predictable.
Note: Most of your keyboard is fair game for creating a password, but steer clear of the spacebar. Some systems will read the spaces as errors and automatically remove them—which would obviously make for a very frustrating time trying to get a site to accept your (correct) password.
The bad news about choosing a strong password is that they are, by definition, more difficult to remember than weak passwords. Add the fact that most people need to use half a dozen logins (if not more) on a daily basis, and remembering different passwords for each of them can begin to feel like mission impossible.
That’s where password managers come in. A password manager is precisely what it sounds like: a secure app where users can store and keep track of their passwords. Usually, password managers encrypt your passwords and then lock them up, requiring a master password for access. Obviously, the master password you choose has to be like the mother ship of all strong passwords, because if someone can crack it, then they can get access to basically everything in your digital life.
For Mac, there are a number of strong, highly rated password manager apps available. We’ve listed, linked, and priced out our five favorites below:
1Password is really the standard in password managers, both in protection and ease of use—hence the heftier price tag. Luckily, each of the above options has a four-and-a-half star average customer rating on the Apple App Store, so clearly, you don’t necessarily have to pay a premium price to get a top-quality product. Regardless of how much you are looking to spend on your password manager, we encourage all users to read reviews and look at program descriptions/screenshots to decide which app is the right choice for them.
What about Changing Passwords?
Even when you have strong passwords and are using a high-quality password manager, you shouldn’t get complacent. That’s why many experts recommend that you change your passwords two or three times a year—and why some businesses or schools actually require you to change your password after a certain amount of time has elapsed. But if you aren’t required to change your password, should you still follow the 2-3 times a year rule?
Honestly, it depends on what you are protecting. Passwords for sensitive sites (like banking sites) or to unlock your entire password manager should be changed more often to keep hackers on their toes. Since your email account is the key to just about all of your online accounts, it’s also not a bad idea to change that password regularly.
But what about passwords for social media accounts or online message boards? With less sensitive sites, you can probably afford to only change the password once a year. Essentially, you’re weighing the lost time and productivity of trying to think up or remember a new strong password, against the potential impact of an account hack. For sites not linked to your bank account, your credit cards, or your other passwords, it might be worth it to save yourself the frustration and keep a static password—so long as it is a good one, based on the tips above—for a longer period of time.
Don’t Reuse Passwords
With all of that said, your passwords will be less secure if you reuse them from one site to the next. If you use the same password on three or four sites, hackers could feasibly break into the password database on one site and then use that information to compromise your accounts on other sites. Using a password manager will allow you to have different passwords on every site without necessarily needing to remember what each of them is on the fly. Password managers also make it easy to change your passwords and secure your accounts in the event that a website gets hacked.