When we start using a password manager, we're doing one of two things:
- it could be a switch from one password manager to another, or
- it could be a transition from relying on some combination of memory and insecure records (one client previously used Microsoft Sticky Notes to save passwords "pinned" to their Windows desktop－you're not alone)
This short guide deals with #2, and how to reduce the burden of transition for a busy professional.
Using a password manager is not difficult. Any new tool or practice can feel difficult or slow. The problem of switching to a password manager for the first time is the burden of migrating from the old "system" to the new password manager.
None of us are starting with a clean slate. We all have accounts already, with all of the credentials that usually entails.
To most people, we suggest switching over gradually to avoid becoming overwhelmed.
Let's get started
1. Import whatever credentials you can
The first step is using the automated options wherever possible, as this is the least effort-intensive and mostly automatic.
Transitioning to a password manager is far easier when you can import. Importing lets you bring over credentials in bulk. You'll be able to import if the tools you're already using to handle storing passwords is supported by your new password manager.
2. Stop your browser saving/suggesting passwords for you
Unless already disabled, you'll want to stop the browser from saving passwords for you. If the browser saves passwords automatically, you'll find yourself with duplicate entries in the browser which will confuse you about which credentials you have or haven't imported.
3. For every credential that you can't import, create a new entry in your password manager
Sometimes you can't import. This is likely because the credential only exists in your memory, or because the credentials were kept somewhere not intended for password storage. Microsoft Sticky Notes comes to mind.
4. Now repeat #3 for every username and password you can't find in your shiny new password manager
If you only have time to do till #3, go ahead and just start using your password manager. But, every time you search in your password manager and can't find a password, you'll be reminded that the password is stashed somewhere else or in your memory. When this happens, take a moment to save the credential into your password manager.
Remember! Any new account you make, use the password manager straightaway
When you reach a signup screen, open your password manager. Create a new entry. Plug in the username you intend to use. Use the password manager to generate a random and long password, at least 16 characters, using as many types of characters (symbols, numbers, capitalized, lowercase) the signup will allow. Save.
Then go back to the signup screen and just copy-paste in your credentials.