Don’t want to use a password manager? Here are all the different ways you can store all your passwords without using one.
We deal with logins credentials every day, from work environments to various personal internet activities, and even our home smart TVs require passwords. Soon to be the norm, various Internet of Things (IoT) home appliances will need more usernames and passwords.
Many may seem highly recommended to have a secure password manager; however, everyone’s needs are different.
There could be other more sensitive credentials that you want to conceal even deeper without using a password manager. Or you could be evaluating different forms of passwords storage out there.
Before we begin, it is essential to clearly understand that storing login credentials includes storing at least three different fields or more, namely the unique username, the password itself, and the URL/service required.
This article will list all the possible ways to store your passwords without using a password manager solution and state their strengths and weaknesses in each method.
Google Chrome web browser offers to save your passwords each time you log in to a unique site.
When you agree to let Chrome save your password, it will automatically sign you into these websites using the stored credentials every time you visit them.
Chrome also offers a randomly generated and unique, strong password for you.
While Google does most of the heavy lifting and maintains a high security and encryption level, our only downside is losing our Google account.
Once you know how to edit your Google account’s privacy, this method is highly recommended for storing your online passwords.
Locked Excel or Word document
Commonly used by many, MS office documents such as Excel allows you to lock the file via a password.
After entering your passwords or notes inside the Excel file, you can then password-protect it.
For Mac, go to File > Password and enter your password
For Windows, go to File > Info > Protect Workbook > Encrypt with Password
Excel can get corrupted with no apparent reason or warning beforehand. So make sure you make an effort to backup and make regular copies of it.
Avoid saving all your backups in a single machine.
If you happen to lose or forget your Excel password, you can get a commercial paid tool called Passware Kit that recovers it for you. The Basic version retrieves all MS Office documents, and the Standard version includes other file formats like ZIP and PDFs and many more.
This technical method involves hiding your secret text inside a digital file, such as an image file, by writing it into the file’s binary data.
The correct way of doing this requires the use of a hex editor to input your hidden message.
After storing your sensitive data, you can naturally open the image file without revealing any written text to the observer.
The file can get deleted accidentally, or you can forget which file it was. So make sure you do periodic backups as well.
This method involves saving your passwords in clear, plain sight, but the observer could not understand and access your accounts.
There are various methods out there, from using Caesar’s Cipher (simple to decode) to using AES-256 algorithm (complex)
Caesar’s Cipher works by substituting each letter by x amount of letters in either a forward or backward manner
For example, you could decide to use +3 forward, so it will be like this;
Apple = Dssoh
You can easily encrypt and decrypt text using the AES-256 mathematical algorithm on many websites.
Just input your password and encrypt it with your secret key (a word of your choice). Then, save the encrypted long string of text on any document you prefer. Even if the observer knows it’s AES encrypted, they could not decrypt it without knowing your secret key.
You create an encrypted “container”, define its capacity size and placed all your files inside.
You can store any file type, and they can be anything from Office documents to multimedia files.
Compressed File Encryption
This method is the process of locking a folder (with your files inside) in your computer.
Almost all compression applications like WinZip, WinRAR and 7Zip offer password-protection encryption features.
Privacy Cloud Storage
How about storing your passwords in the cloud?
The key here is to use a zero-knowledge end to end encrypted cloud storage solution for your sensitive data, including your passwords.
Since it is stored in the cloud, you do not worry about periodic backups and hardware maintenance.
You can also get multiple file revisions if you intend to re-visit older copies of the same file.
For both ease of use and privacy, just go for PCloud or Sync.
Depending on the different types of files you want to store, you can read more from the list below;
Encrypted USB Flash Drive
You can keep your passwords in documents like Word or Excel (or even plain text file) and have them stored securely in either a hardware-encrypted or software encrypted USB flash drive.
The difference between the both?
Hardware encrypted USB flash drives usually require entering a pin code on its physical button before one can gain access to its contents.
Software encrypted USB flash drives are usually password-protected via a software interface.
USB device uses flash memory that can withstand between 10,000 to 100,000 writes and ideally can last up to 10 years. But, of course, these considerations depend on how frequent one access the flash drive for your daily logins activities.
USB flash drives can also get corrupted or become unreadable at times. So make sure you do periodic backups of those important files or have a secondary USB flash drive.
Using Mobile Apps
Since we carry our mobile phones everywhere we go, it makes sense that we could store our login credentials on our phones.
The trick here is to find an encrypted notes app that could store your passwords safely.
And having the future ability to export or securely sync your entire encrypted password list to another mobile device when you need to.
There are a handful of truly secure and encrypted notes apps that even the company cannot see your data.
The downside of this?
Make sure you lock your notes app upfront with a password. This is to prevent unauthorized access.
Make sure your notes app can export your data offline if the app company is no longer in business. Then, you can still get your data back.
Use Standard Notes or Joplin if you prefer using this method.
Using an Offline Password Manager
Maybe one of the reasons you do not want to have an online password manager is the fear of being hacked.
Either you or the password manager company could be victims of hacking.
Over the years, hackers have tried and gained access to some of the database servers of online password managers such as LastPass, Dashlane and 1Password.
Some of the best privacy-focused online password managers have addressed this issue regarding security, encryption and the ability to sync conveniently across your different devices.
If fear of hacking is your concern, you can consider using a offline password manager like KeePassXC instead.
KeePassXC stores your password database offline on your local device and requires no internet connection. It uses the industry-standard of 256-bit AES encryption as well.
Unless you lose your device or lost your offline password database, your sensitive data should be safe.
Using Email Inbox
For some, a convenient way is to email themselves whenever they have new login credentials to remember.
Many free email providers are not using email encryption, resulting in the company’s ability to read all your email contents, including your passwords.
If you prefer this method, go for a privacy email service provider like Protonmail.
Using Protonmail is free for its basic plan, it uses end to end encryption and offers anonymity to its users.
Writing on Physical Paper
A conventional way is using pen and paper.
This can be on a piece of paper, a notebook or even a post-it pad. Storing it can at home, in the office, in a safe box and even inside your wallet.
Some people prefer this way because using their handwriting may seem more familiar and straightforward to them.
Some kept them in their wallet on the go, but once they were missing, your entire password list now poses a significant security risk to identity theft.
Unless you kept it discreetly, e.g. using a safe box, others could quickly discover this method since it is in plain sight and has clear text.
Paper can deteriorate as time goes by, especially when not appropriately kept. Visible deteriorations can be the ink contrast and changing to yellowish.
Many are often regarded as highly unreliable as we tend to forget longer and complex passwords; this is also the safest place to store them.
Two ways of doing this. You can either remember all your passwords by memorization (not recommended) or retain at least a specific clue, i.e. a seed word.
So how does the seed word work?
Using this example, your seed word can be; [email protected]$
Your seed is the only string of characters you need to memorize.
Your seed word needs to have at least ten alphanumeric characters, capital letters, small letters and special characters. These are required by most websites nowadays based on security strength.
Depending on the website or service, you will add the name behind your seed word.
For Gmail, it will be [email protected]$Gmail
For Reddit, it will be [email protected]$Reddit
You can use a combination of the different methods described above.
For example, you could have used both methods of Steganography + encrypted USB flash drive.
Or you can password-locked your Excel file and have it uploaded onto a privacy-focused cloud service like Sync for maximum security.