All field notes
Passwords·Jun 22, 2026·5 min read

The one habit that fixes most of your password problems

A password manager sounds like one more thing to set up. It's actually the single change that quietly fixes the biggest hole in most people's security.

OP
OP4 · Field Notes
Everyday security, explained
Article artwork

Here’s the uncomfortable truth most security advice dances around: the reason your accounts get broken into usually isn’t a clever hacker. It’s that the same password — or a couple of close cousins — is protecting your email, your bank, and that random forum you joined in 2014. One of those sites gets breached, the password leaks, and attackers quietly try it everywhere else. It works far more often than it should.

You can’t fix that by being clever or careful. Nobody can remember a hundred different strong passwords. The fix is to stop trying — and let software do it for you.

What a password manager actually does

A password manager is a locked vault for your logins. It creates a long, random password for every site, remembers it, and fills it in for you. You memorize exactly one strong password — the one that opens the vault — and it handles the rest. On your phone and laptop it usually fills logins automatically, so day to day it’s less typing, not more.

You memorize one good password. The software handles the other ninety-nine.

Which one to pick

Don’t overthink this — any of these is a huge upgrade over reusing passwords:

  • 1Password — the most polished. Easiest for a whole family to share logins. Paid, and worth it for most people.
  • Bitwarden — excellent and free for the basics, open-source. A great choice if you’d rather not pay.
  • The one built into your phone or browser (Apple Passwords, Google Password Manager) — already there, already free. If a separate app feels like too much, start here.

How to start without giving up

The mistake is trying to convert all hundred accounts in one weekend. You’ll burn out by account twelve. Instead:

  • Install it and set one strong vault password you’ll actually remember.
  • Fix your email first — it’s the master key to everything else.
  • Then your bank, then anything with your money or your identity in it.
  • After that, just let it update passwords as you log into sites normally. In a few weeks you’re mostly done without ever sitting down to “do passwords.”

It feels like a chore for about a day. Then it quietly disappears into the background and does its job — which is the whole point. Future-you, the one who never has to think about a leaked password again, will be glad you started.

If you only do one thing

Install a password manager today and use it to set a brand-new, unique password on your primary email account. That one move closes the door most break-ins walk through.

OP
Field Notes, from OP4

Plain-language security for everyday life — the family-barbecue version of the advice we give clients. Have a question you'd like covered? Send it over →

Keep reading
Safe Browsing · Drafting

Family-safe DNS in 15 minutes (1.1.1.1 for Families, Quad9)

2FA · Planned

Two-factor without the headache — and which accounts come first