How to create and manage your logins while maximizing security and ease.

Every website has slightly different requirements. Your standard RoverIsAGoodBoy didn't work on this site? Oh, must've needed a number—try RoverIsAGoodBoy1. No? Maybe a symbol. RoverIsAGoodBoy!. Or both? RoverIsAGoodBoy1!. Wait, when did you create this account? Maybe is was your previous standard password: password1234.

If the above looks familiar to you: 1) I empathize and 2) I am here to rescue you from this hell!

The relief that comes from using a password manager is enormous. You've probably never thought about how much mental space your passwords are taking up. Well, I have. Not counting work logins, I've got three hundred and eighty one usernames and passwords. That is 381 things that would hurt my head every day of my life, if I were foolish enough to try to memorize them all.

"But I have a system!" you say. "On each site I do <<some_permutation_I_can_remember>>." Yeah, OK, that's better—until someone figures out your system. It's probably not as clever as you think it is, and it's still taking up space in your brain that is better allocated to learning linear algebra or another Netflix binge.

## Multi-Factor Authentication

After passwords, the next thing nobody enjoys is checking their phone for a two-factor authentication code. Nobody!

I have some bad news: you're just going to have to deal with this one. It's not fun, but it's very important to protect yourself from hackers.

Getting a text message to confirm your logins is better than no secondary authentication. Using a dedicated app is better still, as it's not vulnerable to a SIM swapping attack.

But if you really don't want to deal with these MFA codes, you can use a device like a YubiKey instead. It's a device that can plug in to USB as a form of authentication. In the way that a code sent to your phone authenticates you because it's assumed only you have your phone, a YubiKey authenticates you because it's assumed only you would possess this USB key. Personally, I'm more afraid of losing this than I am of losing my phone, but it's an option and definitely more secure than texting or apps.

1. We've already established that it's Rover, and that he's a good boy. ↩︎