Skip to main content

Reading is great. Tracking makes it stick. Sign up for a free Dashboard to tick off tasks and see your Security Score.

Get my free Dashboard →
User AccessHigh priority

About 15 minutes to complete

Use a password manager

Install a password manager and move your passwords into it. A password manager generates and stores strong, unique passwords for every account — so you only need to remember one.

Why this matters

Reused and weak passwords are responsible for the majority of account compromises in the UK. A password manager generates a strong, unique password for every account automatically — so you never have to choose between convenience and security. Once set up, logging in is faster and safer than typing remembered passwords.

How to do it

  1. Choose a reputable password manager such as Bitwarden (free), 1Password, or Dashlane.
  2. Install the browser extension and the app on your phone.
  3. Create a strong master password — this is the only password you will need to remember. Write it down and store it somewhere physically safe.
  4. Import existing passwords if your browser has saved them, or add accounts one by one as you log in over the next week.
  5. Enable the auto-fill feature so the password manager fills in your credentials automatically.

Need a more detailed walkthrough?

Our step-by-step guide explains each action in full detail, with confirmation steps and related tasks.

View full step-by-step guide →

Cyber Essentials framework

This task falls under the User Accesscontrol, one of five areas assessed in the UK's Cyber Essentials scheme. Completing it counts toward your Cyber Essentials alignment. Create a free account to track your progress across all five areas.

Frequently asked questions

Is it safe to put all my passwords in one place?

Yes. A reputable password manager is far safer than reusing passwords or storing them in a notebook. Your passwords are encrypted and can only be unlocked with your master password. Even if the company's servers were breached, your encrypted data would be unreadable without your master password.

What if I forget my master password?

Most password managers offer account recovery options; for example, a recovery code generated when you sign up, or recovery via a trusted device. Write your master password down and store it somewhere physically safe (not on your phone). Many password managers also support biometric login, so you rarely need to type it.

Are free password managers safe?

Yes. Bitwarden is free, open-source, and widely trusted by security professionals. It is just as secure as paid options. The free tier covers all the features most people need: unlimited passwords, browser extension, and mobile app.

Do I need to change all my passwords straight away?

No. You do not need to do everything at once. Start by using your password manager to generate a new password the next time you are prompted to log in somewhere. Over a few weeks you will naturally update your most important accounts.

Need step-by-step instructions? How to set up a password manager on your Android phone

Track your security score for free

Create a free Cyber Nova AI account to tick off tasks like this one, see your Security Score, and stay on top of what you've done and what's still to do.

Start your free security check