Before I started using LastPass, my passwords were a mess. A .txt document on my desktop housed most of my passwords. I also let my browser remember a bunch for me. Other times I would scribble them down on pieces of paper or in notebooks. In other words, my password record keeping was haphazard – and very insecure.
Once I started using LastPass, I was able to consolidate all of my passwords into one place. Piece by piece, I eliminated all those other methods of keeping track of my logins, and other random pieces of information like WiFi passwords and security codes. Saving everything in one place was a crucial step in getting organized and improving my online security.
If you’re just getting started with a password manager, there are many places where your passwords might be hiding. Be sure to do a full audit so that you don’t lose any passwords. Having them all in one place also helps you accurately monitor and update passwords. Even if you’ve been using a password manager for a while, you might be surprised to find old passwords still lurking in one of these places.
Nervous about not having a hard copy or “backup” of your passwords in your password manager? There are options to print and/or export your password list in LastPass.
Here’s where you should check for passwords and other important information:
Most of us don’t think twice about letting our browsers remember our passwords for us. But browser password managers are pretty limited when it comes to security features, and lacking in ways to help you actually create and share strong passwords.
Safari: Safari menu > Preferences > Autofill tab
Chrome: Chrome (kebab) menu > Settings > Show advanced settings > “Passwords and forms”
Internet Explorer: Tools > Internet Options > Content tab > Autocomplete > Settings > Manage Passwords
Firefox: Firefox (hamburger) menu > Preferences > Security tab > Logins
A desktop document
This one should be easier to spot. Find any documents or text files you’ve used to store passwords. Once you’ve added those logins to your password manager, be sure to purge the file.
Your browser cache
This isn’t necessarily storing your password, per se, but when you use the “remember me” option on a website you’re effectively telling that website to bypass your password. The only trouble here is that 1. It makes it more likely you’ll forget the actual password and 2. If someone were to sit down on your computer they might be able to get into a few of your websites. The first issue is probably a bigger problem. That’s why it’s far easier to let your password manager remember and fill the password for you, so on the off chance the website no longer has the “remember me” option checked you’ll have the information you need to quickly log in.
So many people I know rely on simple note-keeping apps to remember things like their passwords. While the convenience is understandable, this leaves your passwords much more vulnerable. Most note-taking apps don’t use the same level of encryption standards as a password manager. Even more, there really aren’t any security features to keep your passwords safe. And lastly, it won’t help you automatically save, create, or share your passwords, all of which means more tedious work and time wasted on your part.
Yes, believe it or not people will sometimes bury their passwords as a “hidden” contact in their phone’s directory. While the odds of someone abusing this are pretty low, even if they did steal your phone, using this method still means you’re spending a lot more time and effort on passwords than you should (copy-pasting them from one place to another, creating new ones when you sign up somewhere, and reusing passwords because it’s just easier).
When you need to share passwords with other people, like friends or family members or even assistants or nannies, it’s easy to just email it to them. And when you have to reset passwords, companies may even email the password to you (that’s a no-no for security, by the way). But that means your email starts to become a treasure trove for all sorts of private information. Better to keep your passwords locked up somewhere else so if someone breaks into your email account you can try to minimize the damage to any other online accounts until you can fix it.
Notebooks, sticky notes, bulletin boards & common spaces
Ah, the good old sticky note. They’re so handy when you need to quickly scribble something down. But the reality is, things like notebooks and sticky notes are easily lost, damaged, or even stolen. As you’re getting yourself organized just be sure to go through your paperwork and random notes. Your password manager is perfect for pieces of information like usernames, passwords, security codes, PINs, and any other little note you need to keep somewhere safe.