FREE NEWSLETTER

Staying Safe

Phil Kernen  |  March 30, 2021

FOLKS FORGET passwords every day, an inconvenience that can usually be quickly fixed—but not always.

In January, The New York Times wrote about a German programmer living in San Francisco. A decade ago, he had been paid 7,002 bitcoins for making a video explaining how cryptocurrencies work. He stored them in a digital wallet on a hard drive and wrote the password on a piece of paper, which he has since lost. After 10 failed attempts, the password will encrypt itself, making the wallet impossible to access. Eight attempts have failed so far. With bitcoin trading at some $57,000 each, his lost password could cost him $400 million.

We live in an increasingly digital world driven by electronic account access and necessitating a ballooning number of passwords. How should we manage our online life? We know about the danger of using weak passwords, or memorizing one random password and using it for everything, or not changing passwords often enough. Each of these approaches puts us at risk, financially and otherwise.

Enter the password manager. My wife used one at work. After learning one of our teenagers was using passwords that would make a cybersecurity expert shudder, she insisted the family adopt one, too. She chose LastPass, but there are also other good options. I went along half-heartedly, if only to set a good example for our kids.

But for a while, I also continued to store the same usernames and passwords in a password-protected Microsoft Word document. Twelve months later, it struck me: Using the password manager was far easier and more efficient.

Our Weekly Newsletter

How so? Password managers make it easy to generate a random password for each account. Utilizing this feature can prevent password-reuse attacks, where attackers steal user emails and passwords, and then use them to break into other accounts that use the same username and password. Password managers also track websites with which you have accounts, making it easy to identify and close unused accounts, thus reducing your online exposure.

When you sign up for a password manager, you’ll need to create a master password. Your master password encrypts the contents of your password vault, so you should use something complex. No, 12345678 need not apply. You can also set up two-factor authorization via text or email or, alternatively, by authenticating your fingerprints with your phone. Password managers aren’t immune to security bugs, but they represent a huge improvement.

A password manager effectively exchanges many passwords for one master password, which underscores the importance of that master password. It’s the key to your digital life. What if you lose or forget it? Each password manager will have its unique recovery process. But the best approach is to find a way to keep your master password secure and yet easily accessible to you.

A friend utilizes a password manager for his accounts, but he was uncomfortable documenting his master password in the file containing his estate planning documents. His solution: He noted half of his master password in the file and gave the other half to a trusted family member. When he dies, the law firm and the family member will come together, providing the executor with the master password needed to access his financial accounts.

Phil Kernen, CFA, is a portfolio manager and partner with Mitchell Capital, a financial planning and investment management firm in Leawood, Kansas. When he’s not working, Phil enjoys spending time with his family and friends, reading, hiking and riding his bike. You can connect with Phil via LinkedIn. His previous articles were We’re All Active and What? Spend It?

Do you enjoy HumbleDollar? Please support our work with a donation. Want to receive daily email alerts about new articles? Click here. How about getting our weekly newsletter? Sign up now.

Subscribe
Notify of
8 Comments
Inline Feedbacks
View all comments
booch221
booch221
10 days ago

Password manager made my life a lot easier.

Last edited 10 days ago by booch221
HannahKatz
HannahKatz
10 days ago

Anyone have any experience with the password manager included with Norton 360? It comes included in the overall software but I am curious if it compares to the others, especially with the two step process.

James McGlynn CFA RICP®
James McGlynn CFA RICP®
14 days ago

Yes the proliferation of passwords is overwhelming. Great for daily use and for estate planning.

davebarnes
davebarnes
14 days ago

1Password is a great product. I have been a fan ever since I replaced my 20-page Word doc with it in 2008. I use it to manage 547 items.
Runs/synched on my iMac, iPhone, and iPad.

Last edited 14 days ago by davebarnes
parkslope
parkslope
14 days ago
Reply to  davebarnes

I used Lastpass for many years but recently switched to Dashlane. It works well for me and has significantly better ratings than Lastpass or 1Password on the Mac App Store. I don’t think you can go wrong with any of these three password managers.

davebarnes
davebarnes
14 days ago
Reply to  parkslope

Most of the complaints abot 1Password are about the switch to a subscription model. Me. I download the standalone MacOS version. I hate subscriptions.

parkslope
parkslope
14 days ago

Two-factor authentication is much more important than the passwords you use. A complex password is no better than a simple one if a database that has your password is compromised.

IAD
IAD
14 days ago

I’m in total agreement. I use a password manager and it has made my life so much easier. The one I use synchs between my desktop and phone, so everything is there!

Free Newsletter

SHARE