What is the best way to store your passwords?

As much as we’d like passwords to be just an afterthought in our daily lives, they tend to take up far more brain space. Social media, email, e-commerce, apps, smart devices—we need passwords all the time, and that’s not even getting into all the work accounts we need to manage.

To turn this overload of credentials into a breeze, today we’re going to discover the best ways to store passwords. We’ll look into essential strategies you should follow, as well as bad practices you might need to leave behind. So, how can you store your passwords safely?

Why proper password storage matters

How many personal accounts can you remember off the top of your head? Don’t worry if you can’t name every single one, especially those sites you signed up on for a single use. After all, according to a 2024 study, a person handles as many as 168 passwords on average—that’s no small feat to remember.

No wonder people fall into the temptation of creating one password and using it on every account, with some variations to meet requirements like uppercase letters or special characters. That way, they don’t need to write it down or remember multiple passwords.

However, the easy way out is not the safest one. July 2024 alone saw the largest compilation of leaked credentials to date, involving nearly 10 billion passwords contained in a plaintext document. The credentials came from various breaches, and if they include passwords that have been used multiple times, cybercriminals have the opportunity to overtake even more accounts.

Whether you’re using older credentials or have updated them, you should look into the best way to store your passwords. However, before getting to the storage options, let’s review your password management habits.

How not to store passwords

Account security can be stressful, and it’s no wonder that people look for strategies that prop up convenience. Whether it’s to save time when you’re in a hurry or to make it easier on your brain to remember the password to all your accounts, you’ve likely developed password management habits that are easy to remember but not necessarily secure enough.

When it comes to your cybersecurity—especially your password storage—you don’t want to foster bad habits. So, here are a few things you should not do when you handle your credentials.

• Don’t reuse the same password for multiple accounts. Whenever you create an account with a password you’ve used before, the risk of it being breached grows higher, and one compromised password can endanger all accounts using it.

• Don’t try to memorize all your passwords. To avoid repeating passwords, some might try to personalize them for each platform by tying them to the platform itself. For example, imagine setting “minecraft” as the password for your game access. Such passwords are some of the easiest to crack in a brute-force attack. In fact, “minecraft” is among the top 200 most-used passwords in the world. By trying to make things simple, you can make them simpler for cybercriminals.

• Don’t store your passwords in a browser password manager. If you use a major browser, like Firefox or Chrome, you’ve saved your login details at least once. Browser-based password managers are not the best way to store passwords when it comes to privacy. You can learn more about how browsers compare to third-party password managers in our blog post.

• Don’t store passwords in plaintext documents. Creating a text document, a spreadsheet, or a screenshot to keep track of your passwords can make the search simpler but at the cost of security. Don’t keep your passwords in an unencrypted file on your computer or phone. If your device is breached or stolen, your credentials might end up in the wrong hands, and you might lose all access to your accounts.

• Don’t write passwords in notebooks or on Post-it notes. Keeping an unencrypted file is just a step above storing them on paper. It’s all too easy to lose a paper slip with your banking password or accidentally throw out your work email credentials. At the end of the day, you might end up with a pile of paper scraps and still not find the right password.

• Don’t share your passwords with anyone. Some exceptional cases may happen, especially when it comes to work-related passwords (and we’ll get to them), but overall, the best practice is to avoid sharing your passwords with other people when possible. If you need to share access, make sure you’re not using that password on other accounts to stay on the safe side.

How to store passwords securely

Now that you’ve got the bad habits identified, you’re ready to build better ones. Figuring out how to store passwords securely is a small learning curve. All you need to do is make a few small changes, and the rest of the process will be handled pretty much on autopilot. Here’s what you need to do to store and manage passwords securely:

• Set up a password manager. Step one is the easiest part of the process. A password manager like NordPass ensures that your sensitive information is accessible to you only, keeping it away from prying eyes. In fact, some of the following steps to secure password storage are made easier by password managers.

• Create unique passwords for all your accounts. This sounds like more work than it actually is. You can’t imagine a password manager without a password generator—a tool that lets you create strong and unique credentials with a single click. However, you can put your own creativity to use, too—we’ve got a guide to creating a truly secure password that you can remember.

• Switch on your password manager’s autofill and autosave settings. Perhaps the biggest struggle in handling passwords is remembering where the right credentials are. NordPass solves this problem with autofill. Each time you want to log in, NordPass automatically detects the required login details in your vault and fills them out for you. And if you’re logging in to a site for the first time, NordPass lets you save these details with just a click.

• Ensure your passwords are up-to-date. Have you randomized your passwords to strong and unique variations? Great! Just don’t forget to update them from time to time. To learn whether your passwords are old, weak, or reused, check out NordPass’ Password Health.

• Keep an eye on newly discovered breaches. Living in the unknown of password breaches can be stress-inducing. With NordPass, you can set up the Data Breach Scanner to keep track of any incoming breaches containing your sensitive data, such as passwords, email addresses, or credit card numbers.

Best practices for storing business passwords

The general dos and don’ts of business password management aren’t that different from what we’ve discussed so far. Nevertheless, here are some of the best ways to store passwords at work:

• Don’t mix up personal and work-related login credentials. Reusing the same passwords for personal use is risky enough. If they’re used for corporate accounts as well—especially those shared between different employees—the risk of company data being compromised increases significantly.

• Only share via encrypted channels. If you use shared accounts at work, ensure you’re using a secure tool to hand access to your colleagues. NordPass uses XChaCha20 encryption and lets you share access to credentials within your team. You can even change access permission levels to allow others only to autofill passwords without revealing them.

• Set up easy access to multi-factor authentication. MFA adds an extra layer of protection to your accounts. With NordPass Authenticator, you can store and generate time-based one-time passwords (TOTPs) required to access work accounts right next to the login credentials.

The best way for you to store your passwords is with a password manager, and NordPass makes it convenient for both work and daily life. NordPass ensures that your sensitive data remains secure thanks to its zero-knowledge architecture, keeping your passwords encrypted on the device before they even reach our servers. You can access NordPass as a browser extension or on your mobile device and have all your essential details synchronized and easily accessible wherever you are.

With NordPass, you can manage your online life with ease and rest assured that all your passwords are safe.