Why you need a password manager

22nd April 2026

Passwords have been around for centuries, and guidance has changed many times over the years. In the 2000s the advice was to have a password that was hard to guess, made up of letters, numbers, and punctuation. That meant people were forced to create passwords that were difficult to remember and to type, so they re-used one password everywhere.

Current (2026) advice is to have a long password that isn't re-used. That can be a challenge to get your head around, but the trade-off is that it's no longer recommended to change your password every 90 days. Create a strong password, don't re-use it, and only change it when you need to.

But not re-using passwords is still a daunting task, with potentially hundreds of passwords to remember.

Password managers to the rescue!

A password manager is a piece of software that securely stores and manages your passwords for you. You remember the main password to access the password manager, and the tool then remembers your other passwords. Often password managers have browser plugins to automatically type your details into websites too.

Coming up with a good password can be difficult but password managers can generate these automatically, often with settings for "easy to remember and type" and "completely random". The password manager will create a unique password for each website you visit, avoiding that re-use problem.

Now that you don't need to remember all your passwords, you can have strong, unique passwords for different websites and systems.

Other benefits

Your password manager's browser extension will automatically fill in your login details, but crucially only on the legitimate website for those details. This helps to protect you from phishing, where an attacker attempts to trick you into giving up your credentials to a website that looks like the genuine site. Common attacks at the moment include asking you to login to download a shared file: instead of the real Microsoft 365 (or similar) website, you're directed to a fake. While you may be tempted to enter your details, the password manager would refuse.

Any recommendations?

Over the years I've used a number of password managers, my current choice being 1Password. For home users, 1Password offers an individual plan, but there's also a family plan that covers five people. Business users can take advantage of 1Password's larger features for organisations, which makes sharing, and auditing, passwords easier. 1Password stores your passwords in their secure cloud.

If you want to stay offline, tools like Keepass are a good option. Particularly useful if you don't need to synchronise passwords across devices.

We are not affiliated with any of these password managers, and receive no compensation for mentioning them here.