Do you keep your passwords in a notebook? On scraps of paper near the computer? You’re not alone. Many people, especially those of us who didn’t grow up with the internet, find passwords hard to manage. Every website wants a “strong” one. Some insist you change them regularly. And it’s easy to forget which one you used last time.
But there is a better way — and it’s easier than you think.
🧠 The Password Problem
The more websites and apps we use, the more passwords we need. It’s tempting to reuse the same password everywhere — but that creates a big security risk. If just one site is hacked, all your accounts could be in danger.
Others write passwords down in notebooks, or on sticky notes, but that has its own problems:
- The password might be out of date after a change.
- It might be missing important details like the website or username.
- The username might not be an email but something obscure — like a membership number — making it hard to remember which login goes with which site.
- The notes could be lost or seen by someone else.
What if there was a way to remember just one strong password, and have the rest looked after securely and automatically?
✅ What Is a Password Manager?
A password manager is a secure “vault” that stores all your passwords and login details. You only need to remember one master password — the key to unlock your vault. The manager can then:
- Automatically fill in login details when you visit websites.
- Suggest strong, unique passwords for new accounts.
- Sync across your devices (computer, phone, tablet).
- Store other sensitive information like PINs, health IDs, or secure notes.
It’s like a digital version of your password book — but encrypted, backed up, and locked with a key only you know.
🔒 How Secure Is It?
Zero Knowledge Encryption
A good password manager (like Bitwarden) uses zero knowledge encryption. That means your data is encrypted before it leaves your device, and the company storing it can’t read it — even if they tried.
Local Decryption Only
Your passwords are only unlocked on your device, after you log in with your master password. Even if someone breaks into the company’s servers, all they’ll get is unreadable gibberish.
What If Someone Gets My Master Password?
That’s a valid concern. Just like a house key, if someone gets your master password, they could open your vault. That’s why it’s important to:
- Use a strong master password (you can write it down and keep it in a secure place — just don’t lose it).
- Enable two-factor authentication (2FA) — this adds a one-time code sent to your phone or generated by an app, making it much harder for anyone else to get in.
🧾 Family Sharing and Planning Ahead
👪 Securely Share Passwords
Password managers can let you share selected logins with your partner or family, without having to tell them the actual password. Great for shared MyGov, banking, or entertainment accounts.
🧬 Digital Estate Planning
What happens if something happens to you? Some managers let you set up emergency access, so a trusted person can access your vault if needed. You can also write down your master password and instructions and store it securely with your important documents.
🔐 What About Passkeys?
Passkeys are a newer, more secure way to log in to websites without needing a traditional password. Instead of typing something in, you simply use your fingerprint, face recognition, or a PIN — just like unlocking your phone.
How Does It Work?
When you create a passkey, your device (like your smartphone or computer) stores a special, private “key.” When you try to log in, the website sends a challenge, and your device proves who you are — securely — without revealing your key.
It’s more secure than passwords because:
- You don’t type anything that could be seen or intercepted.
- It only works with the actual website — phishing scams won’t trick it.
- You don’t have to remember anything.
Using Passkeys on Shared Computers
Let’s say you’re at the U3A office or on a shared family computer. You want to log in to your Google account — but don’t want to type your password.
With Google passkeys, you can scan a QR code that appears on the screen using your smartphone’s camera. Your phone then asks for your fingerprint or PIN to confirm it’s you. Once approved, the computer logs you in — without typing a single character.
This works even in a private browser window and doesn’t store your login afterward — useful for temporary access or shared environments.
📋 Comparison of Password Managers
| Name | Cost | Platforms | Passkey Support | Notes |
|---|---|---|---|---|
| Bitwarden | Free (fully) | Windows, Mac, Linux, Android, iOS | ✅ Basic now, improving | Open-source, highly trusted, recommended |
| 1Password | Paid | All major devices | ✅ Full support | Polished, great for families |
| Dashlane | Free & Paid | All major devices | ✅ | Clean interface, includes alerts |
| Browser-based (e.g. Chrome, Edge) | Free | Only works in the same browser | ❌ / Limited | Fine for beginners, but not ideal for families or multiple accounts on one site |
⚠️ Browser password managers (like the one built into Chrome or Edge) can be handy, but they have limitations:
- They may not handle multiple accounts on the same site well.
- They only work if you’re always using the same browser.
- They don’t offer good options for secure sharing or digital planning.
🚀 Getting Started
You don’t need to switch everything over at once. Try this:
- Choose a password manager — we suggest Bitwarden to start.
- Install it on one device (e.g., your computer).
- Let it offer to save your passwords as you log in to websites.
- Slowly build your password vault over time.
- Consider asking a family member or a Tech Café volunteer to walk you through it.
You’ll soon wonder how you managed without it.
⚖️ A Word of Caution — and Balance
Password managers may not be for everyone, but a good one does its best to protect your privacy and security.
It’s still important to remember:
- Using a password manager creates a single point of failure — your master password must be well protected.
- Password managers are an obvious target for attackers.
- That’s why you should use a strong master password and enable two-factor authentication when possible.
But on the other hand:
Not using a password manager brings its own risks:
- Writing passwords down (and losing or misplacing the paper).
- Forgetting which email or username you used.
- Falling for lookalike websites when you’re tired or distracted.
- Reusing the same password everywhere, making all accounts vulnerable.
A good password manager helps reduce these risks. It’s not perfect — but for most people, it’s a big step forward in both security and convenience.
📚 Want to Learn More?
Here is another post in our Tech Café blog: Password Managers and VPNs
Credible sources related to the topic discussed in this post:
- 🇦🇺 Australian Cyber Security Centre – Password Managers
- 🇦🇺 eSafety Commissioner – Protecting Personal Information
- 🌍 EFF – Creating Strong Passwords
- 🌐 World Password Day – First Thursday in May
✅ In Summary
Password managers may sound technical, but they’re built to make life easier. Instead of dozens of passwords, you remember just one. The rest is automatic, secure, and surprisingly simple.
Start small — try Bitwarden, write down your master password and store it safely. Ask for help if you need it.
Because strong passwords are important — and now, they don’t have to be hard to manage.
About the image
“VOLKSWAGEN: QUEL MILIONE BUTTATO IN PASSWORD DIMENTICATE” by automobileitalia is licensed under CC BY 2.0.