Main content
Internet safety
Course: Internet safety > Unit 1
Lesson 2: Ask Google: How do I keep my account safe?- How to keep your online accounts secure
- Why creating a strong password really matters
- Yes, you need a password manager. Here’s why.
- How adding your phone number and 2-factor authentication helps protect your account
- How can I review the security of my account?
© 2023 Khan AcademyTerms of usePrivacy PolicyCookie Notice
Yes, you need a password manager. Here’s why.
Password managers let you easily create, save, and manage all your passwords which can help protect your online accounts.. Learn why you should start using one.
To learn more about how you can keep yourself safe while on the Internet, visit: internet-safety.khanacademy.org. Created by Sal Khan.
Want to join the conversation?
My question is if someone logs into my password manager, won't they have access to all my passwords?(15 votes)
Yes, this is the Achilles heel of the password manager. To reduce this risk, password managers require that you have a very strong MASTER password that is almost impossible to guess. Password managers often have 2 Factor Authentication (which is when you need more than a master password, like a text to your phone or email) to be able to log in. Password managers are typically very strong on the server end and are super hard to crack into.(4 votes)
How do you know if you can trust a password manager to not steal your accounts?(12 votes)
Try looking up online reviews, look at the developer (if this is the only thing they've really made / they're from a shady place). If the manager has thousands or even millions of downloads, even if it does steal your information, the odds are very low that they will actually use it against you. Probably will just sell it for money. Some safe ones to use are Bitwarden, Dashlane, and NordVPN (the former of which is free and the other two are not).(12 votes)
- But what if someone got into my mobile device?
Wouldn't they get into all my accounts if I had a password manager?(8 votes)
This may depend on what password manager you are using, but most password managers require a password or biometric authentication every time you open it. So even if your mobile device was unlocked and someone was able to access it, they wouldn't be able to access your password manager.(2 votes)
Peanut Butter and jelly the long ways(6 votes)
What are the chances of a password manager you use getting hacked? Because that would leak all of your (and probably a lot of other users) passwords to the hacker.(3 votes)- I don't know about other password managers, but the one I use is called 1Password. It saves all your passwords, but you need one password that you can remember on your own to unlock. So as long as that one password that you remember is strong, your passwords should be safe.(3 votes)
how do i trust anyone(4 votes)
You can ask someone who is elder or experienced person.(1 vote)
So what I'm understanding is that I'll get hacked if I don't use a password manager.(2 votes)- No, its just that password managers help you keep track of all your different passwords.(5 votes)
Would it be smart to type out my passwords on a google document to remember all of them?(3 votes)
Kinda because what if you accidentally share it then whoever you shared it with can hack you.... and also let's just say that there is a project that you want to share with a online friend what if you share the wrong thing but I guess it could be fine(3 votes)
- what do you do when you forget your passwords and you don't have password managers?(2 votes)
- Many websites have a "forgot a password" feature. If not, you should try to find their customer support center. If they don't have one, you can either make a new account or give up the website (if it is missing those essential features then it probably isn't very well-made).(5 votes)
- Any recommendations for a trusted password manager?(2 votes)
- Some good password managers include Bitwarden and Dashlane, both of which are free. NordVPN is also a good one, but that one is paid.(3 votes)
Video transcript
- So Guemmy, you're... Which I agree with. You're telling us to have
hard to break into passwords. But then the obvious question is how does a normal human being manage all of these passwords, that don't have regular words in them? They can't reuse the same
password over and over. How do we manage all of this? - Yes, great question. It is really hard to keep up with all of the different services. I don't know about you, but I
use over a hundred services, and the only reason I know that, (Sal and Guemmy laugh) is actually because I've
used a password manager, and seeing the list actually surprised me. Password managers are great, because they can automatically
save the passwords for you. And they're super convenient, because once you go back to a website, not only do they check that
it's not like a phishing website or somebody pretending to
be the legitimate website, but they'll also conveniently
fill in your password for you, and you just click a button. And so it's super quick,
especially if you're on mobile. It's been a lifesaver. One thing that I've always
worried about password managers, is sometimes I'm logging
in from my laptop, sometimes from my phone,
sometimes from my wife's laptop, will the password managers
work across multiple devices? - Yeah, different password managers definitely have different capabilities, but at least on Google, when you're signed into
your Google account, on the various devices, then yes, we can pull together
all of the information, from that password manager, and display it on the different
devices that you're using. - And how do you compare
a password manager, which can kind of store all
of these things locally, and be able to fill in when you need it, and keep track of it. To being able to use a service. You know, obviously Google
has it, you have Apple, You have other folks, who have once you sign into that account, that allows you to sign
into other accounts. Do you recommend both? How do you compare those two things? - I think it's up to the user's choice, and so sometimes users
are going to be limited because of what the
website developer has done. For example, not all websites
offer the sign in with Google, with Apple, sign in with
Facebook, et cetera. But all websites do have passwords, and so at a minimum you can
always have your own username, and password for that service, and then store it in the password manager. Alternatively, if you don't wanna create, a bunch of new accounts
all over the internet, you could definitely use your
Google account for instance, and sign in into various services
using your Google account. I personally like that option because it actually reduces the
number of different accounts I have to worry about. And I mean of course Google is backed by the strongest security, among the strongest in the industry, so it's something that I feel good about. - Thanks for that Guemmy.