Why You Need a Password Manager

Take a minute and think about how many web sites for which you have passwords and user names set up. Now think about how many of those are financial sites. In our age of online everything, many of us now do most of our banking and investing solely online. We may never even receive paper communications from our institutions. We set up and close accounts entirely online.

Now think about what would happen if you could no longer remember your passwords and had no record of them. Scary, huh? Maybe you get Alzheimer’s disease or you’re in an accident that affects your memory. Or maybe you just forget. We all blank out sometimes. Sure, some sites have password recovery tools, but many financial web sites do not or, if they do, they are more complicated than just asking to have a password emailed to you. They do this to protect your information, but it means that if a password is lost you’re going to have to spend some time with a customer service representative jumping through hoops to prove that you are really you, or that you are an authorized agent of the person in question.

I had this happen the other day in my family. An elderly relative could no longer remember the password to his investment account. It wasn’t written down anywhere and he just couldn’t remember. He had to call the firm and spent (I kid you not) an hour and a half on the phone with various people trying to regain access to his account. He finally succeeded, but it was a long process. Another friend told me that he had to go through this when his mother developed Alzheimer’s and couldn’t remember anything. Since he was acting as his mother’s agent he had to go through even more steps such as sending in birth certificates and Social Security cards to prove his mother’s identity, as well as getting letters from lawyers stating that he was acting on his mother’s behalf.

I realized the necessity of this myself when I realized how many accounts we have that I set up. My husband knows they exist but since I manage all the finances, I’m the one with all the passwords and login information. If something happens to me, he’ll have a hard time getting to our money. (I have a password manager but, duh, I’d never given him the master password. I took care of that yesterday.)

These problems could be prevented with a simple password manager program. There are many free and low cost options out there for computers, PDA’s, and smart phones. These programs allow you to note the website, your login information, and any other relevant information such as security keys (mother’s maiden name, pet’s name, etc.) that further prove the identity of the user. While you could set something like this up in Excel or Word, it is not secure. A good password manager program uses encryption technology to ensure that your information can’t be read if your computer falls into the wrong hands.

Most password managers require you to create one master password that is used to access the program. That one password gives you access to all of your other password records. It’s far easier to keep up with one password than thirty or more. If you’re worried about losing that one password and then losing access to everything, make a note of the master password and then put it in a secure place like a safe or safe deposit box. Or embed it into another file on your computer that has nothing to do with your passwords and that would be uninteresting to thieves, like an old Christmas letter. If you just don’t like the idea of using a password manager program, you can keep a paper record, but make sure you keep it in a secure place. If it ever gets lost or destroyed, all of your information is vulnerable.

Whatever method you choose, make sure your heirs and financial caretakers know what arrangements you’ve made. Tell them where to find your master password or where to find your paper password record. Also make sure to back up your password manager (if you’re using a computer program) to protect yourself from computer failures. If you ever lose your memory, either you or your heirs will be able to access your accounts until a permanent transfer of assets can take place.

This entry was posted in Personal Finance, Relationships and tagged , , , , , . Bookmark the permalink.

10 Responses to Why You Need a Password Manager

  1. GadgetBoy says:

    I would suggest you check out Keepass (http://keepass.com). It is part of the PortableApps (http://portableapps.com/) application and can be downloaded separately or as part of the suite. Originally, I used the same password for every site that I visited. I have since realized how dumb that was… I installed it all on a memory stick and carry it around with me. I have a different 12-16 random character password for every website I visit. I keep a copy of the database on my laptop and a backup on a disk.

    Now, wherever I am I can log in to a PC and check any account. Even better, the PortableApps suite comes with a virus scanner so I can scan the unknown PC for any potential viruses or key loggers to ensure my browsing will be safe.

    Very good article…

  2. Carol says:

    I have always kept a password record, and once in a blue moon I need to refer to it. Credit cards and bank accounts are easier to track online (especially when you have concerns about theft).

    Another reason to keep a good account of your passwords and logins: a friend of mine had his debit card information stolen. He needed to change his card information for everything he had auto pay on (which was everything except for his rent!). He had a difficult time trying to make the changes because he didn’t remember any of his logins or passwords. He spent hours on the phone with customer service reps trying to get things straightened out, and ended up with a few late fees for accounts he had forgotten. I talked him into keeping a record of his passwords and he thought that was a smart idea…and has been doing it since! He’s also noted “autopay” on the ones that are drafted from his bank account just in case he needs to change things around again.

  3. Monkey Mama says:

    I keep a record, and no doubt I have a lot of accounts. But is it really that painful to reset a password? We changed e-mails last year and I had to call about 5 places to reset my password or ask for my login. Each call took like a minute. Guess it depends on the place.

    On the flip side, my dad had a stroke and forgot all his passwords. Then again, that was the least of his worries – it wasn’t a biggie.

    A very good reason for a password manager is in case of death. For a spouse, in particular.

  4. baselle says:

    Aren’t you assuming that passwords are static? More and more sites that I access ask you (force you) to change your password every six months or so. Also, I remember that Gator (primitive password manager) used to hook you on the convenience of a manager, then try to sell you crap. Ever since then, I’ve been wary.

    I’ll have to check out that Keepass/Portable Apps application. Thx!

  5. Randy King says:

    I would suggest several different ways of managing multiple hard-to-guess passwords:

    Desktop software: 1Password, Keepass, SignupShield, Roboform

    USB drive: Ironkey, ID Vault

    Web app: Passpack, Lastpass, Mitto

    Standalone device: Mandylion, Atek Logio

    Each has advantages and disadvantages in terms of security, convenience, and portability.

  6. A Marino says:

    I personally don’t trust putting that kind of information online.

    I have index cards that are divided into subjects such as banks, utilities, credit cards, company passwords and EFTPS info.

    For ordinary subjects, every card is alphabitized and I feel good about this system.

  7. GadgetBoy says:

    @A Marino

    Keepass is not an online application – it stores your passwords locally on your PC.

    Just an FYI

  8. Jonathan says:

    Secret Server is another option – it is free for individuals (but scales to enterprise use). It is web-based and also has an iPhone interface.

  9. Mary says:

    I use Billeo to manage my passwords. It’s a great password manager and a real time saver. It securely saves my passwords and I can easily edit or delete them anytime. The tool is VeriSign secured and TRUSTe certified, so no security issues.

  10. ThiNg says:

    I use an encryption application called TrueCrypt. It’s free and it creates super strong encrypted containers (higher than top-secret US government encryption if you want to!). The containers can even be hidden inside of other containers. So I did this.

    I bought a 8GB USB key ($20) and encrypted the entire key with a simple password (I use that to transfer files in case I ever lose the key). In there, I created a new encrypted folder with a much stronger password. That contains simple notepad files of all my passwords etc. Cost me nothing at all!

Leave a Reply

Your email address will not be published. Required fields are marked *