Understanding basic password types will help you devise a strong password management strategy for all of your accounts. In general, and at a high-level, there are two basic types of passwords.
- Primary passwords
- Secondary passwords
Primary passwords are inputted physically into a device. For example, logging into the operating system of a laptop, tablet, or smart phone.
Due to this, primary passwords are not good candidates for password managers. You must commit them to memory, or write them down and store them in your wallet or purse, or carry a password card.
NIST 800-63-3b refers to primary passwords as ‘Memorized Secrets’.
Secondary passwords can be logically or remotely inputted into systems by copying and pasting. They do not have to be memorized. Entering a password into a bank’s website or sshing into a remote system are a few examples.
Secondary passwords are ideal candidates for password managers.
Which password manager should you use
Try several and find one that works well for you and people you collaborate with.
Personally, I prefer open-source password generators that have multiple implementations and can be externally validated and examined. But, I realize that’s not for everyone.
Using any password manager is better than not using one at all.