Colorado Supreme Court

Office of Attorney Regulation Counsel

Promoting Professionalism. Protecting the Public.

Hackers love easy targets; don’t be an easy target

The only thing between all your personal and financial information and a hacker is a password. Password Managers are a great tool to help you create stronger and unique passwords for every site.



In this digital age, convenience usually trumps security, putting your identity, finances, and client data at risk. But a password manager, as recommended by security experts, provides both convenience and increased security.

Password managers are programs that store all of your passwords, regardless of how simple, random, long or short it may be, and protects them under one single password. Once a user visits a website and enters their login information, the password manager captures the information for future logins.

This eliminates the need for the user to remember the credentials in the future. Now, only the master password has to be remembered to log in to the manager itself and access the entirety of passwords.

If a user is creating a new account or password on a website, the password manager has the capability to create a secure, randomly-generated password, allowing the user to move through the process more efficiently.

The goal, of course, would be to have completely different passwords for each site with a high character count and mix of uppercase and lowercase letters, numbers, and symbols, to ensure maximum security.

The password manager would keep track of all these passwords in a single hub, encrypting them for security, and eliminating the need to burn them into your brain or log them on a sheet taped underneath your keyboard.

This allows stronger and more unique passwords for every single site, and makes it much more difficult for hackers to guess or use brute force attacks to access you or your clients’ information.

A perfect analogy would be someone trying to unlock your vehicle with a set of keys on a keyring. If there are only five keys and each is marked corresponding to what it opens, house, truck, shed, etc., it makes short work for the individual to access the vehicle.

On the flip side, a keyring with 40 keys, all very different cuts, shapes and no distinguishing identification, would be much harder to crack.

This raises two questions:  “How do I know if a password is considered ‘strong’? And “What if my passwords aren’t up to snuff?”

The good news is, many password managers offer a feature to generate passwords at the click of a mouse. These programs may also include a feature to audit any current passwords to let the user know how susceptible it is by identifying the strength as weak, medium or strong by hacker standards.

Many password managers support a variety of operating systems: Windows, macOS, Linux, as well as mobile devices. Plugins for web browsers such as, Chrome, Firefox, Safari, and Internet Explorer, are also supported.

Truly the silver lining can be defined by one factor: cost. While it may be possible to find a free password manager, most do charge a fee, typically in a yearly or monthly subscription.

Paying the subscription can give users access to premium features such as the ability to sync passwords across all devices, priority customer support or additional encrypted storage space, among other things. Other developers may require users to pay a one-time fee to use their product.

In this case, it varies from program to program and comes down to an individual user’s needs and circumstances.

For an in-depth look at password protection and general security, the
United States Computer Emergency Readiness Team (US-CERT), a subset of the U.S. Department of Homeland Security, has published a slew of articles on the subject.

The US-CERT is tasked with protecting citizens against cyber threats and their articles provide general information for non-technical computer users, as well as concentrated information for control system users, government users, and home and business users.

Password managers help to deter hackers and secure your identity, finances, and client data, and are a cost-effective, convenient alternative to remembering or writing down the password for hundreds of individual websites.