In this activity, you’ll find out what a password manager is and how it can help you keep your passwords organised and secured. You’ll learn about Master passwords and how to make one that is easy to remember but also secure.
Start activityWhen you have lots of passwords to remember, it’s often safer and more secure to let a special kind of software, called a password manager, look after them for you.
There are two main kinds of password manager. Most web browsers have a password manager built-in. Every time you create a new password, the browser offers to remember it for you. Some even offer to create the password for you, too. But this only works with that particular web browser.
The second kind of password manager is a separate app installed on your computer or device. It doesn’t need a particular browser to work, and some can even manage passwords for other apps.
You can think of a password manager like a traditional keychain, with each individual key a different password for a different app or website.
Your collection of passwords is protected by a Master Password which you use to sign in to your password manager.
Then, each time a website asks for a password (for example, your supermarket, some banks, or even my.gov.au) the password manager provides the password automatically. You don’t need to remember it, or type it in.
When you join a new website and need to make a new password, or even want to change an old password, you can let your password manager create this for you.
You can choose a password in the password manager’s app, or let it computer-generate a password.
Unless a website says otherwise, it’s safest to let your password manager computer-generate passwords for you. These passwords, which look like a random sequence of numbers, letters and symbols (for example, A4cre~3wx09q1) are virtually impossible for humans to guess, and very difficult for password-cracking programs to break into.
Banks, government websites, and some other websites, may generate your password automatically. Your password manager can still remember this password, and it is safe to use this password.
Your password manager is protected by a master password, but most password managers also recommend that you set up extra steps to sign in, for additional security.
These steps are called multifactor authentication and involve a few simple extra steps after you enter your master password.
Multifactor authentication (MFA) is a catch-all term for an extra step of verification after entering a password. It might also be called Two-factor authentication, or 2FA.
Common examples of MFA include nominating a mobile phone number, which will receive a code each time you need to sign in to your password manager. Or you might get this code using a separate Authenticator app.
Some paid password managers provide tighter MFA security, in the form of a USB key. This is a small device you plug in to your computer. Each time you sign in, you push a button on the device, and it sends a unique code to authorise your master password.
Your password manager includes a cloud account, and all your passwords are backed up to that account. This lets you access them from any device, as long as you know your master password.
For security, the master password is not backed up to the cloud.
You can learn more about the cloud in the What is the cloud? course.
Every password manager includes a dashboard or settings screen as part of the app, which you can use to view your saved passwords.
When a password manager saves your passwords to the cloud, the passwords are strongly encrypted so no one else can view them. All you need to remember is the master password.
A password manager makes it unnecessary to write down your passwords and store them. The only password you need to make a record of is your master password.
You should keep this master password in a safe place where nobody else can see it.
Some password managers ask for a monthly fee, usually around $6-12, and offer extra features. These features include a secure place to keep notes, and monitoring of your passwords to see if they have been compromised.
This is the end of the What is a password manager? activity. You’ve learned the main features of a password manager and how it works.
Up next, find out about Free password managers, including those that come with your web browser.