How to use a password manager (and stop reusing passwords)
What a password manager actually does, which one to pick, and the 1 hour of setup that saves you from getting hacked.
Quinn Yoo
February 20, 2026
Pick one, then commit
1Password (paid, polished). Bitwarden (free, open source). Apple Keychain (free, Apple-only). All three work.
Don't browser-store passwords as your only system. They're not as secure and don't sync as well across platforms.
The setup
Sign up. Create a master password — long, memorable, never reused.
Install the browser extension and mobile app. Enable autofill. Sign in to one site at a time and save credentials as you go.
Within 2 weeks, every login lives in the password manager.
Generate strong passwords
When signing up for new accounts: let the manager generate a random 20-character password. You'll never type or remember it; the manager fills it.
Existing weak passwords: most managers flag these and offer one-click change. Do it for email and banking first.
People also ask
What if I forget my master password?+
1Password and Bitwarden don't have a 'forgot password' option — they can't decrypt your vault without it. Save a recovery sheet somewhere physical.
Are password managers safe?+
Yes — vault data is encrypted before it leaves your device. Even if the company is hacked, attackers get encrypted gibberish.
Should I share passwords with family?+
Yes — use the family/team feature in 1Password or Bitwarden's organizations. Don't text passwords.