On Password Managers

If you can remember a password, it is probably not safe enough to use.

People make passwords short because long ones are hard to remember. They draw inspiration from their own lives, birthdays, pet names, favourite teams, because that is how human memory works. They reuse passwords across multiple sites because remembering dozens of unique ones is not realistic. And when they try to be clever, they pick a theme and vary it slightly, convinced that adding a number or a symbol at the end makes each one unique. It does not fool anyone.

We are not wired to be machines. Expecting yourself to generate and remember genuinely random, complex, unique passwords for every service you use is not a reasonable ask.

A password manager does that for you. You remember one password, your master password, and the software handles everything else. Every account gets a long, random, unique password that you never have to think about.

This matters more than most people realize. Quantum computing will eventually make today’s weak passwords trivial to crack. The passwords people have memorized and reused for years will be the first to go. The ones generated by a password manager will hold up considerably longer.

One password to remember. Everything else taken care of.