If you’re like most people, you probably share passwords with your family and friends. But sharing passwords can be risky, especially if you don’t use a strong password. Here’s how to share passwords safely:
- Use a strong password. A strong password is one that is difficult to guess, and it should be at least 8 characters long. Don’t use easily guessed words like “password” or your name.
- Don’t share your password with anyone else. If someone asks for your password, don’t give it to them. Instead, ask them to write it down or type it into a website where you can see it (like a login screen).
- Change your passwords regularly. If someone knows your password, they can access all of your accounts – including those that are protected with two-factor authentication (2FA). Change your passwords every few months or whenever you change something important about your account (like the email address associated with the account).
- Use a different password for each account. This way, if one of your passwords is compromised, only that specific account will be affected – not all of your accounts using that same password combination. ..
Keeping your password secret is a fundamental security practice, but there are times when you want to share a password with family members. Don’t just send those passwords in an email, though! Use these secure alternatives instead.
Why Would I Want To Do This?
Although the majority of your passwords should remain secret, there are plenty of times when sharing a password with your spouse and family members is useful.
There are many online services, for example, that multiple people in a household use but only one person manages (or the service only has a single login and password). Both spouses might want to log into their bank accounts and credit cards, for example, but typically only one person actively managed those things. There might be children in the household that have accounts of their own (like their own App Store login, logins for virtual games, and so on) and it would be extremely convenient if both parents could easily access the child’s list of passwords.
Then, of course, there are ubiquitous services like Netflix that everyone in the house enjoys access to. By setting up a system where everyone in the household can check what the Netflix password is, the tech person in the family (be it mom, dad, or an older sibling) doesn’t have to field every inquiry about it.
Wouldn’t it be nice if there was a simple and secure way for everyone to see those shared passwords? Thanks to advances in password management applications, it’s easier than ever to manage passwords for your whole family.
The Star of the Show: Your Password Manager
RELATED: Your Passwords Are Terrible, and It’s Time to Do Something About It
Everyone should have a good password manager to stay secure online–everyone. But to securely share passwords with your family members, you need a good password manager that supports sharing. More specifically, you want a good password manager that supports managed password sharing. There are plenty of password managers out there that allow you to, say, share a single password with another user of the service, but that’s too limited for what we’re talking about today. We don’t want the hassle of sharing one password at a time; we want a way to share entire sets in a family environment.
To achieve this, we’re going to lean on two very solid password managers that you may recall from our password manager roundup: 1Password and LastPass. Both of these services offer managed passwords but they have contrasting feature sets and price points. We’ll dive into the details in the sections below.
RELATED: Password Managers Compared: LastPass vs KeePass vs Dashlane vs 1Password
One thing we do want to note before proceeding: you may have noticed our selections are cloud-based password management solutions. We didn’t include KeePass or other offline password managers on this list because the degree of hassle involved in using them for family sharing is huge. Feel free to investigate such solutions if KeePass is your preferred password management solution, but know that KeePass wasn’t designed for multi-user access, there is no user-based permissions or controls, and unless you have a household of very tech-savvy people, then it’s probably not a very viable solution.
Let’s take a look at the feature set of each service so you can pick the best password sharing system for your family. Regardless of which option you choose, you can rest easy knowing that your passwords are secure and the days of writing them down on slips of papers or texting them to each other is over.
1Password Families: Easy All-In-One Password Management
If you’re looking for a system where one family member is designated as the administrator and has a more active role in controlling the accounts of other family members, then 1Password Families is your best bet. AgileBits, the company behind 1Password, has done a fabulous job taking the best aspects of their enterprise password management suite, 1Password Teams, and adapting it for family life.
We highly recommend this solution if you want an effective and economical way to manage all the passwords (as well as documents, licenses, and other matters) for your family. The family member in charge of managing the account has administrative power over the whole system and can reset passwords on the family accounts, share and revoke access, and keep the whole family security system running smoothly in the process.
The service is designed for up to 5 family members and the $5 a month subscription fee includes access for all family members to all of the very-highly-rated 1Password premium desktop and mobile apps without additional licensing fees. $60 a year for both the service and the apps is a great value.
There is one minor shortcoming in the current implementation of 1Password Families (and one we expect will likely be addressed in an upcoming update to the service): Currently, the 1Password Families system doesn’t have quite the granularity that the 1Password Teams system does, and you can’t share passwords in a read-only mode. While we don’t expect to have completely enterprise functionality at a family-friendly price, read-only is a perfect fit for families with younger kids who needs to access (but not edit) passwords.
How to Set Up 1Password Families and Add Users
To get started simply head over to the 1Password Families portal and sign up. (Note: if you have an existing single-user 1Password account and you wish to migrate it over to become the administrator of your new families account, see this help file.)
During the signup process, you’ll be prompted to name your family and input your email, as well as review the URL that will serve as the home base for your family password vault. Next you’ll create a master password and receive a master account key. This key cannot, under any circumstances, be retrieved by anyone at 1Password, so be sure to print a copy and store it in a safe place.
Once you’ve completed the process, you are dumped into the overview homepage of your account, as seen below. There are two important things to note in your fresh view: your vaults (both personal and shared) are seen at the left and at the right is a handy little checklist to guide you through the setup process.
While not everything on the “Quests to Conquer” list is necessary (like adding an avatar to your account) you can’t have a team without inviting members so select “Invite Your Team” to bring your family into the password fold.
In the Invitations menu, select the “+” icon and input your family member’s name and email address. They will receive an email invitation shortly and will need to complete the same basic setup you did (creating a master password, saving their master key, etc.) Obviously if you’re the techie in your family, you’ll want to be on hand to walk them through that part.
Once they’ve replied to the email and set up their account, then they will appear in the pending list on the far right hand side of the Invitations screen. Confirm them by selecting the “Confirm” button and they’re in the system!
How to Create Shared Password Vaults in 1Password
While other password systems use the term “vault” to refer to your entire password collection (which may be subdivided into groups and/or folders), a vault in 1Password is more akin to a folder, and it’s easiest to think of it that way.
Before we dive into creating vaults and managing entries, a little footnote is in order. By default, the 1Password system has two vaults that are special: Personal and Shared. You cannot delete either of these vaults. The personal vault and its contents can only be seen by the account owner (and each family member has their own). The shared vault’s contents, on the other hand, are always accessible, with read/write access, to the whole family.
With that in mind, it’s helpful to think about it like this: the personal vault is just for you, the shared vault is for passwords you’re okay with anyone seeing and editing, and for everything else (passwords for just you and your spouse or passwords for your children) you should create separate vaults that you can customize to fit your needs.
Let’s create a new vault to show off the process. We’ll make a new password vault that contains passwords intended for use by every person in the family, such as the password for Netflix.
You can create a new vault either by selecting “Create Vault” from the list of tasks presented to new users on the right hand side of the 1Password Family home screen (the same list you just used to invite a new member to your family) or you can select “Admin Console” from the drop down menu in the upper right hand corner. In the Admin console select “Vaults” and then select the “+” icon, as seen below.
Give your vault a relevant title. We’ll call ours “Shared with Family” to indicate these are passwords shared with the whole family.
You’re kicked into the vault immediately after creation. You can see the only person with access to the vault is the administrator. To add in family members click “Manage Access”.
Check the name of the family member you wish to give access to the new vault.
Under the new family member entry, you’ll see “Read, Write & Export” as the default permissions. Currently, as we noted in the introduction, there is no option to toggle access to read-only.
Now that we’ve created a shared password vault, let’s add an entry. Select “All Items” below the “Manage Access” link to jump right into the vault. If you’re already a 1Password user, you’re well familiar with the next steps, but for those who are jumping right into password management for the first time with the 1Password Family plan we’ll detail them here.
When you click the plus sign at the bottom, a list of all the available types of vault entries will pop up (you can save not only login information but documents, identification, software licenses, and more to 1Password); select “Login”.
Create your login and click “Save” in the lower corner.
Now the Netflix entry is in your shared family vault and everyone can check the Netflix password when they need it.
Before we move on to looking at password sharing in LastPass, we’d like to emphasize again how well rounded of a solution 1Password Family is for families. Not only is it easy to use and has the same polished interface and apps as the core 1Password system, but it makes life as the tech guru of your house so easy: even if your spouse and kids forget their passwords account recovery is just a click away. As 1Password for families continues to mature we expect it to become an even more compelling all-in-one solution for families. We were so impressed with the ease of use 1Password Families offers for both the administrator and family members that we’re currently conducting a household-wide test with an eye towards migrating to 1Password.
LastPass: More Complex, but Potentially Cheaper and More Flexible
While 1Password Families has a certain edge in the family-password-management game because of its enterprise-roots and an emphasis on one person taking on the role of administrator, that doesn’t mean that LastPass isn’t worth considering. In fact, presently, LastPass actually offers a few distinct advantages over 1Password Family that might sway you.
LastPass premium users ($12/year) can create “Shared Folders”. The shared folder can be shared with up to 5 people (who do not need to be LastPass premium users), supports up both read and read/write permissions on a per-user basis. And, since LastPass’ mobile app is now free, this is definitely the more cost-effective solution.
A note on the setup of this section of the tutorial: unlike 1Password Families, which requires a totally separate setup from a regular 1Password single-user account, the LastPass shared folders are just a feature built into the regular LastPass premium account. Rather than devote a whole section to setting up a LastPass account, we’ll assume you already have one, and jump right into creating and and configuring a shared folder.
How to Create a Shared Password Folder
While logged into your LastPass account via the web-based interface, select “Sharing Center” from the left-hand menu.
In the far lower-right corner of the Sharing Center screen, click the + symbol to add a new folder.
Give you folder a name, like “Shared Passwords” or “Family Logins”, and click “Create”.
You’ll now see the folder in your list of Shared Folders, as seen above.
If click on “Sites” in the sidebar, you’ll see your new entry in the folder list with a “Shared Folder” flag next to it. You can now create entries in the folder as well as right-click on it and create sub-folders if you wish to better organize your shared passwords.
How to Share Your Folder and Manage Permissions
Once you’ve created the folder all that’s left to do is invite your family members and manage their access to the folder. To do so return to the “Sharing Center” via the sidebar. In the Sharing Center, mouse over the entry for your new shared folder and click “Manage”.
Here you can enter the email address of the family member you wish to invite, as well as set the permissions right out of the gate with the Read Only and Hide Passwords checkboxes.
You might be curious what the deal with “Hide Passwords” is, as it’s a bit counter intuitive. It allows the shared-folder user to use the password via the web browser plugin or the auto-login function in the mobile app, but not see the password. Let’s say, for example, you wanted your kid to be able to log into Netflix on their computer, but not share the password with anyone. Checking the Hide Password box would allow them to log in without actually knowing what the password is.
The permissions are folder/sub-folder wide. So, if you’ve made a sub-folder for banking information to share with your spouse and a sub-folder for media logins to share with your spouse and kids, then you’ll want to hide the banking logins from the kids.
To restrict access to a selection of sites, click on the wrench in the entry for that user.
There is a lot going on here, so let’s break it down. First, you have a column of available items which is all the things in the shared folders. You can see here that we have a perfect pair to demonstrate setting up restrictions for a child’s account: a Bank of America credit card in the Credit Cards folder and a Netflix account in the Media Logins folder. Clearly we want the kid to access Netflix but not our credit card.
The first thing you should do is check the box that starts with “Rather than specifying…”. This option will invert the columns so all the logins within the shared folder are unavailable by default instead of available. This setting will apply to both the current and future additions to the folder. It’s much easier to work from a position of giving people permission to see something than it is to constantly be taking permission away.
Once you’ve done that you can simply drag and drop between the two columns. Want the kid to have Netflix access? Drag it over into the available column, as seen below.
The other handy feature found in the access menu is the “Apple to Other Users” box. If you’re setting everything up for multiple kids you can easily clone the settings you configure here to the other children without repeating the sorting process for each kid. Check the box and you’ll see a list of all members of the shared folder. Simply check the ones you wish to lump in with the current configuration.
It takes a little bit of work to get a family password management system up and running, no doubt about it. But compared to the hassle of maintaining multiple individual password managers in parallel (at best) or insecurely sharing passwords (at worst), it’s absolutely worth the effort to set your family up with a system that makes sharing secure and simple.