How to Create & Store Unique Strong Passwords Even If You Suffer From Dementia

Managing multiple strong passwords can feel impossible, especially with complex requirements and the need for security.

Fortunately, password managers like Bitwarden offer a solution.

In this article, we’ll explore how they simplify password creation, storage, and autofill, while enhancing security with multi-factor authentication and privacy features like plausible deniability.

The Complex Password Problem

So, you changed job, you picked up your shiny new computer from the helpdesk and then you had to enter that dreaded complex password.

To your dismay you realised that the company password policy is twelve characters long.

Worst still, you had to include one special characters like “& $ ? ! / % +, two capital letters and three numbers.

And you thought the interview was tough 😀

You then attended your security awareness training and you learned how you were not allowed to write your passwords on a Post-it.

So how the hell are you supposed to remember a 12-character complex password?

It doesn’t matter, the next morning, you were back at the helpdesk changing your forgotten password.

Sound familiar?

I'm sure that your company probably recommends you store your difficult to remember passwords in an company authorised password safe application.

Sounds good.

But what do you do with your personal passwords for all your online accounts?

Do you use the same complex password everywhere, or do you save them in your browser?

There are solutions.

Companies like Microsoft have developed a technology they call “passwordless” to solve this issue, using a combination of modern authentication methods like SAML, biometrics and trusted mobile devices like your phone or smart watch.

You remove the password option for Windows login, then all features on your device that require your Microsoft account and password, including various apps and web browsers, will seamlessly transition to using Windows Hello’s facial recognition, fingerprint identification, or PIN code.

But what if you don’t trust Microsoft to store all of your passwords?

Dedicated Password Managers

A good password manager turns password fatigue into peace of mind.

But what do password managers do?

Let’s take Bitwarden as an example.

Bitwarden is available in several forms, but let’s keep it simple, and just look at how it works for personal use.

You choose a single complex master password that you can remember, and register with your chosen email address. I’ll show you later in the article how to select a complex password you can remember.

Then you use a Bitwarden app to create, store and retrieve a different password for every single website or application you use.

That app can be in a web browser extension in Safari, Edge or Firefox, or an iPhone, Android, Windows, Linux or MAC app.

But using a different password everywhere, doesn’t that sound complicated?

No, its the opposite in fact.

Bitwarden allows you to generate and save a complex password by just clicking on an icon. That password is then pasted automatically into your desktop, mobile or web application, so you rarely need to type it in anywhere.

By rarely I mean you may have to do so when you set up your smart TV for the first time, because you will not have a Bitwarden app on your TV to copy and paste from.

The app automatically synchronises your passwords between your smartphone and PC or MAC.

You even get to choose to store your encrypted passwords in a Bitwarden datacentre in the US, or in the EU.

Useful if you live in Europe and you are paranoid about the US getting access to your personal data, or you care about your right to privacy.

There are other benefits too. 

You can protect access to your password safe using multi-factor-authentication (MFA) methods, and you can nominate another person to have emergency access to your passwords if you lose access or in the event of your death.

Pitfall Alert: Don’t write your master password on a sticky note. It defeats the purpose of secure storage. If you do write it on paper, store it in a sealed envelope in a secure fireproof safe, or in your bank safety deposit box.

Browser Password Managers

Web browsers like Safari and Edge also have password managers built-in, and they can synchronise your passwords using the Cloud.

But are they safe?

Yes and no.

If you always update your software, use a good anti-virus, never browse dubious websites, and never click on a malware link, the probably you can trust them.

But browsers Aren’t Fort Knox!

Safari, Chrome, and Firefox are handy, but they’re not built to be super secure password vaults. No matter how secure a company says their browser is, a malicious browser extension could in some circumstances steal passwords from your favourite browser.

Anyway, creating secure password vaults is not the main business for companies like Mozilla, Google, Microsoft or Apple.

I mean you are hardly going to get the best quality sushi from McDonalds if they add it to the menu are you, you will need to go to a specialist Japanese restaurant where its their main product line.

Tip: Disable saving passwords in web browsers. Period.

Add an Extra Security Step

Multi-Factor Authentication (MFA) adds an extra layer of security to your password safe.

It means even if someone gets your Bitwarden master password, they still need a second factor to access your account.

The second factor can be an MFA app like Google Authenticator, a hardware key like YubiKey or an authentication app like Cisco Duo.

Tip: Use an authentication app like Google Authenticator. It’s more secure than SMS text message codes.

How to Create & Remember a Strong Master Password

Use a passphrase instead of a single word like “password123”, use a phrase like “pancakesAreBetterThanWaffles!”.

Include numbers, uppercase letters, and symbols.

Example:

Turn “pancakesBetterThanWaffles!” into “p4ncak3sBetterThanWaff1e5!”.

Pitfall Alert: Avoid using obvious phrases like “Superman123!”, your date of birth, your cats name, information that can be easily found on social media, or that can be easily guessed.

Plausible Deniability

Usually plausible deniability means being able to deny something in a way that seems believable, because there’s no solid proof tying you to it.

In the context of using a password manager, it’s like storing your online bank account under a fake name.  So instead of adding an entry in Bitwarden called “Allied Irish Bank” you might add an entry called “Spar Loyalty Card” but you and only you know that it actually has the password for your online banking.

This gives you an extra layer of protection because it makes it harder for someone to get your online banking password even if they force you to log into your password safe.

Using Bitwarden to Autofill Passwords

Remembering each password is tough, but the autofill feature in Bitwarden makes logging in a breeze.

For autofill to work, you need to install and use the Bitwarden browser extension for Chrome, Edge, Safari, or Firefox, or whatever browser turns you on.

Enable autofill in Bitwarden settings.

That’s it.

When you visit a site like Amazon, the Bitwarden extension will pop up, offering to autofill your username and password. Just click, and you’re in.

Tip: Only use autofill on your personal devices. Avoid using it on public or shared computers.

In Summary

The article discusses the challenges of managing many unique strong complex passwords and introduces password managers like Bitwarden as a solution.

It explains how password managers generate, store, and autofill passwords securely, while also offering tips on protecting your password safe using multi-factor authentication.

Finally it covers how to create and remember a strong master password for your password safe, and how to protect highly sensitive information like your online banking account, using plausible deniability.