Setting up a password manager
For those that have never used a password manager, it may come across as daunting and complicated to set one up. It’s not – you can do this.
While it will take time to set-up, populate and organize your new password vault, and learn how to quickly access your passwords, it will become second nature over time. The key is to just get started.
Action Plan
Step 1: Choose a password manager
Review features and pricing and choose an option that works for you. Using your desktop or laptop computer, download software (if available) and set-up an account.
Step 2: Create a master password
Follow the guidance below on choosing a master password that is long, strong and memorable.
Setting up a master password
Your master password is a single, strong password that gives you access to your password vault. Make it long, strong and memorable.
- Use a passphrase - a sequence of random words and characters strung together to create a password (20-30 characters)
- Make sure the password is unique, and that you don’t use it for anything else
- If you change your master password, change it completely
- Test the strength of your master password – use an online tool such as bitwarden.com/password-strength
Step 3: Add browser extension
The browser extension will allow you to save all your favourite sites to your vault automatically, generate new passwords, and easily fill your login credentials.
Step 4: Populate your password vault
Start gradually – there is no need to add everything all at once. Many password managers allow you to import passwords from your browser, a CSV file and other password managers. To more easily manage your passwords as the number of stored accounts grows, group or categorize your sites.
Step 5: Download the mobile app
The mobile app will allow you to access your password vault from your mobile device.
Step 6: Perform a health check
Check for duplicate, weak, default and stolen credentials, and use the password generator to reset the passwords for those accounts.
Step 7: Plan for the future
Include your master password and instructions on how to access your vault with your estate documents and other important papers.
Step 8: Go further
- Store other information you’d like to protect, such as credit card details, passport information, and notes/documents you don’t want anyone to see.
- Explore additional features like secure sharing of passwords and/or folders. Many password managers also allow you to save time online through automatic form filling.
- Review and update your security settings.
- Don’t forget other security measures to stay safe online, such as using multi-factor authentication (MFA) wherever available, and keeping your computer and mobile devices up to date..
Password Manager Options
There are various factors to consider when choosing a password manager, including cost, desired features, number of users (e.g. personal vs. family plan) and just general aesthetics/usability. The grid below compares some of the industry-leading/popular options.
For departmental/faculty use of a password manager, a Privacy Impact Assessment (PIA) must be completed prior to use. A PIA is not required for personal use.
| Features | 1Password | Bitwarden | Dashlane | KeePass | RoboForm |
|---|---|---|---|---|---|
| Plans | Individual / Family | Single / Family | Personal Free / Personal Premium / Friends & Family | Individual | Personal Free / Personal Everywhere / Family |
| Approx. price / per year (CAD) | $45 / $72 | Free / $55 | Free / $55 / $83 | Free | Free / $25 / $50 |
| Number of devices | Unlimited | Unlimited | Free – Limited to 1 / Unlimited | Unlimited | Free – Limited to 1 / Unlimited |
| Cloud-based storage | Free – / | ||||
| End-to-end encryption | |||||
| MFA | Free – / | ||||
| Biometric login | |||||
| Password sharing | |||||
| Password generators | |||||
| Password import | |||||
| Security breach monitoring/alerts | |||||
| Encrypted file storage | |||||
| Autofill Passwords | |||||
| Website | 1password.com | bitwarden.com | dashlane.com | keepass.info | roboform.com |