With technologies like SSO and one time passwords becoming more common there is less and less need for traditional passwords. These methods are more secure and in the case of SSO can provide significant quality of life improvements. But there are a lot of cases where you will still need passwords, not every login accepts SSO, especially if you are dealing with with system configuration. This guide will go through basic procedures for protecting the passwords that you still have to deal with.

I've seen a lot of discussion over the proper place to store passwords if they should even be stored at all and it has lead me to form a few opinions. First I'd like to describe a few terms that I may use throughout this article to describe different importance levels of passwords:

Root Passwords: The most important passwords, these passwords control access to your most important services (Password Manager Login, SSO Logins, Microsoft, Google, Mozilla) a root password should either be remembered or stored in a secure physical location.

Secondary Passwords: Passwords that could potentially cause as much damage as a root password, but are used more often(Bank Creds, Social Media Logins).

"Default Credentials": Bad passwords that are usually used for convenience

Strong Passwords: Passwords that are created by a password generator or can be verified to be secure.

With these terms defined we can start our discussion

Password managers get a lot of hate because in most peoples mind you are simply gathering up your passwords for an attacker to find. This would be the case if there weren't verifiably secure password management solutions that you can implement yourself. This solution could be as simple as a password encrypted text file, by storing that encrypted file on a flash drive and only plugging it in when you need the passwords you can effectively airgap your passwords when they are not in use. In this example, you would use a root password to unencrypt the file and you secondary passwords would be stored inside. This model would work if you are extremely paranoid and not worried about quality of life issues. This setup can be replicated using password manager technologies to provide a higher quality of life while also maintaining superior security.

I can't tell you every password manager that exists, and I can't recommend any one manager with 100% certainty, but I can give you the tools required to make an informed decision. There are are few different types of password managers including cloud based, local, and browser/integrated password managers, password managers usually fall into multiple categories.

Even with all of these security measures sometimes it's out of your control, companies are breached everyday, and you use these companies services every day, so how can you protect yourself if you discover a password has been breached. As with every topic there is a lot of nuance, the steps to remediate your bank credentials being stolen will probably be different, but the methods described below will work the same.

Even with all of these security measures sometimes it's out of your control, companies are breached everyday, and you use these companies services every day, so how can you protect yourself if you discover a password has been breached. As with every topic there is a lot of nuance, the steps to remediate your bank credentials being stolen will probably be different, but the methods described below will work the same.

Even with all of these security measures sometimes it's out of your control, companies are breached everyday, and you use these companies services every day, so how can you protect yourself if you discover a password has been breached. As with every topic there is a lot of nuance, the steps to remediate your bank credentials being stolen will probably be different, but the methods described below will work the same.

Ok I'm sure you're tired of hearing the word password manager so we'll wrap this section up, what I want you to take away from this is (as always) that different problems require different solutions. Using a combination of these different solutions will provide you superior security while also maintaining a good quality of life, for example if you use an integrated password manager you can treat it as a root password (store the password physically), or if you have a local password manager, you can store the integrated managers' password there as long as the local password managers password is treated as a root password.

Even with all of these security measures sometimes it's out of your control, companies are breached everyday, and you use these companies services every day, so how can you protect yourself if you discover a password has been breached. As with every topic there is a lot of nuance, the steps to remediate your bank credentials being stolen will probably be different, but the methods described below will work the same.