Setting up a password manager

Setting up a password manager

For those that have never used a password manager, it may come across as daunting and complicated to set one up. It’s not – you can do this.

While it will take time to set-up, populate and organize your new password vault, and learn how to quickly access your passwords, it will become second nature over time. The key is to just get started.

Action Plan

Step 1: Choose a password manager

Review features and pricing and choose an option that works for you. Using your desktop or laptop computer, download software (if available) and set-up an account.

Refer to the Password Manager Options comparison grid below of some of the leading products. Which one you choose is less important than simply choosing one and using it.

Step 2: Create a master password

Follow the guidance below on choosing a master password that is long, strong and memorable.

Setting up a master password

Your master password is a single, strong password that gives you access to your password vault. Make it long, strong and memorable.

  1. Use a passphrase - a sequence of random words and characters strung together to create a password (20-30 characters)
  2. Make sure the password is unique, and that you don’t use it for anything else
  3. If you change your master password, change it completely
  4. Test the strength of your master password – use an online tool such as

Step 3: Add browser extension

The browser extension will allow you to save all your favourite sites to your vault automatically, generate new passwords, and easily fill your login credentials.

Turn off the password manager built into your browser. They lack security and flexibility.

Step 4: Populate your password vault

Start gradually – there is no need to add everything all at once. Many password managers allow you to import passwords from your browser, a CSV file and other password managers. To more easily manage your passwords as the number of stored accounts grows, group or categorize your sites.

By simply logging into sites as you are browsing on your , the browser extension will save them to your vault automatically - no need to add them manually.

Step 5: Download the mobile app

The mobile app will allow you to access your password vault from your mobile device.

Turn off the built-in password manager on your mobile. This way, you can be sure you’re only storing passwords in a single location.

Step 6: Perform a health check

Check for duplicate, weak, default and stolen credentials, and use the password generator to reset the passwords for those accounts.

You don’t need to change all your passwords immediately - start with sites that store high-risk information such as your email and banking, and ones that have been compromised.

Step 7: Plan for the future

Include your master password and instructions on how to access your vault with your estate documents and other important papers.

Step 8: Go further

  1. Store other information you’d like to protect, such as credit card details, passport information, and notes/documents you don’t want anyone to see.
  2. Explore additional features like secure sharing of passwords and/or folders. Many password managers also allow you to save time online through automatic form filling.
  3. Review and update your security settings.
  4. Don’t forget other security measures to stay safe online, such as using multi-factor authentication (MFA) wherever available, and keeping your computer and mobile devices up to date..

Password Manager Options

There are various factors to consider when choosing a password manager, including cost, desired features, number of users (e.g. personal vs. family plan) and just general aesthetics/usability. The grid below compares some of the industry-leading/popular options.

For departmental/faculty use of a password manager, a Privacy Impact Assessment (PIA) must be completed prior to use. A PIA is not required for personal use.

IT Service Owners or IT Administrators at UBC: Learn more about Privileged Access Management through UBC’s Enhanced System Access Management (eSAM) tool.
Features 1Password Bitwarden Dashlane KeePass RoboForm
Plans Individual / Family Single / Family Personal Free / Personal Premium / Friends & Family Individual Personal Free / Personal Everywhere / Family
Approx. price / per year (CAD) $45 / $72 Free / $55 Free / $55 / $83 Free Free / $25 / $50
Number of devices Unlimited Unlimited Free – Limited to 1 / Unlimited Unlimited Free – Limited to 1 / Unlimited
Cloud-based storage Free – /
End-to-end encryption
MFA Free – /
Biometric login
Password sharing
Password generators
Password import
Security breach monitoring/alerts
Encrypted file storage
Autofill Passwords