There are many methods to organize and maintain your list of passwords to websites and accounts. Each of these methods will have advantages and disadvantages. This document reviews what you need to keep track of and offers a few ways to do so. This document is being posted on 2 Mar 2020 and will be updated with additional information and tools over the next few days. The amount of time spent on improving this document will be based on the initial interest in it.
For a podcast audio on this topic, visit Password Management (Podcast E19). [View]
Browser Password Saving Isn’t Enough
On your computer, the browser you use for viewing websites probably offers to save your passwords when you login to a website. While this makes it easier to login to websites, there is more information you need to keep track of with your accounts such as: account number, account PIN, answers to security questions, and other information. Browsers that save login information will give you a way to view and edit your email and password for each site you’ve saved, but don’t store other information. That’s why password management systems are needed.
What Information to Save
For account logins, you’ll want to record all the information related to that account, such as:
- Address. It is helpful to know what address is on file for accounts. This is useful if you have a P.O. Box separate from your home address, or if you use a business address for some accounts. If you move, it’s helpful to know at a glance which accounts have your updated address.
- Date. It’s important to make a note of the date when changes are made to your account. This can help you recognize the latest changes and keep a running record of old passwords used for an account. You can also quickly see if an account hasn’t been updated for a long time.
- Email. It’s important to record what email address you have associated with each account you have. Many people have multiple email addresses and then they forget which one they used for a certain login. Be sure to keep all your accounts updated with a current email.
- Financial. If you use a credit card for an account, you may want to make a brief record of that so you can see what accounts have soon to be expiring credit cards. If you are recording separate entries in your system for financial records, then you’ll want to securely make a note of all credit cards and their data. Be sure to make a note of which cards you carry with you daily, and the phone numbers to report lost or stolen cards.
- Name. For some accounts it is relevant to know what name you used for the account. Did you provide your full name or just your short form name. Is the account in your spouse’s name?
- Phone. What phone number did you provide for your account? Home? Mobile? Work? Usually a mobile number will be used so you can receive security text codes. If you change your mobile number, be sure to update all your accounts with the new number.
- Security Questions. Many accounts have security questions on file that you may need to answer periodically. Typically there will be 2 or 3 questions you select from a list to be your security questions, such as what your first pet’s name was, what street you grew up on, what was the first city you visited, name of your first boss, mother’s maiden name, model of first car owned, etc. NOTE: For added security, some people will use answers that are not accurate and use different answers from one account to another. The reason for this is because accounts sometimes get compromised, sometimes billions of accounts get compromised, so you don’t want to risk having the correct information about yourself made public. This approach is only for advanced users. A beginner may get flustered or misplace their login information and not be able to remember what answers they made up.
- Software Licenses. For some programs, anyone with your software license number can use the software and potentially lock you out from using it if the maximum installations are reached. More secure software will require that you login or provide some other details before activating.
Seven Password Management Methods
These are seven different methods of recording your password and account information. Each person willl likely find that one works better than another for their own needs and preferences.
- Binder. A three ring binder, or other type of binder with removable pages, allows you to have pages organized alphabetically by account.
- Book. Some people like to use a small book to record passwords. Having a bound book helps avoid losing pages. However, it can quickly become disorganized and pages can become full with cramped notes that can be difficult to read.
- Cardfile. An 3.5-inch card file box can be a good way to organize logins alphabetically, and like the binder, it can easily be added to.
- Offline. If you have an old laptop computer, you could use that as a dedicated password manager. Maintain a text file or spreadsheet on that computer that you keep updated. That way it isn’t sitting on your daily use computer for someone to find. Another option would be to use a USB drive to store your password file and only attach that when needed. See Spreadsheet and Text File below for more details.
- Software. The term password manager usually refers to an app on your smartphone that allows you to conveniently store login information for various websites and accounts. Most of these apps will store or backup your passwords to the cloud, perhaps without you being fully aware. Some allow you to synchronize from your smartphone or tablet over WiFi to your computer without using the Internet which is presumably the most secure method for synchronizing. If you save credit card information, bank account details, reward cards, and other information, the password manager software will typically prompt you for the relevant information. For example, if you’re storing credit card information, you’ll be prompted to enter in the expiration date, the code on the back, and other details.
- Spreadsheet. Microsoft Excel would let you store passwords and other account information in a list and sort that list by various descriptive categories. You could also have the file password to prevent unauthorized access. There are free spreadsheet programs like LibreOffice that could be used as well.
- Text File. Microsoft Word would let you store passwords and other account information in a list alphabetically. You could also have the file password to prevent unauthorized access. There are free spreadsheet programs like LibreOffice that could be used as well. Or you could use the Notepad program included in Microsoft Windows, or the TextEdit program that comes on every Apple MacOS computer.