If you use the same password for more than one account — or rely on simple, memorable passwords like a pet's name or a date of birth — your online accounts are far more vulnerable than you might think. Password reuse is one of the most common causes of account compromise we see at PC Repair Services Edinburgh, and it's entirely preventable. A password manager solves the problem completely, requiring almost no technical knowledge to set up. Here's everything you need to know.
Why Weak and Reused Passwords Are Such a Risk
Data breaches happen constantly. When a website or online service is hacked, millions of username and password combinations are leaked — and criminals run these against other popular websites automatically. This is called credential stuffing. If you used the same email and password for a forum ten years ago as you do for your online banking today, a breach of that old forum could give attackers access to your bank account.
It doesn't matter how complex your password is if you reuse it. One breach, and every account sharing that password is compromised. This is why cybersecurity experts, including the UK's National Cyber Security Centre (NCSC), consistently recommend using a unique, strong password for every account. The practical problem, of course, is that nobody can memorise dozens of complex passwords — which is exactly what a password manager solves.
What Is a Password Manager?
A password manager is an application that securely stores all your passwords in an encrypted vault. You only need to remember one strong master password to unlock the vault — and the manager handles everything else. Most password managers also:
- Generate long, random passwords for new accounts automatically
- Autofill login forms in your browser with one click
- Sync across all your devices — PC, laptop, phone, and tablet
- Alert you if any of your stored passwords appear in known data breaches
- Flag weak or reused passwords so you can update them
The vault itself is encrypted with your master password before it ever leaves your device, meaning even the password manager company cannot see your passwords. As long as you choose a strong, unique master password, the risk of your vault being compromised is extremely low.
Which Password Manager Should You Use?
There are several excellent options available in the UK. Here are the most widely recommended:
Bitwarden
Bitwarden is open-source (meaning its code is publicly audited for security), and its core features are completely free to use across unlimited devices. It's our top recommendation for most home users — there's no reason to pay for anything more than the basics unless you need advanced sharing features.
1Password
1Password is a polished, paid option popular with families and small businesses. It's well-regarded for its interface and has strong business features including team sharing and administrative controls. Well worth considering if you're managing passwords across a small Edinburgh business.
Dashlane
Dashlane offers a generous free tier and a particularly clear breach monitoring feature that actively scans the dark web for your email addresses. Its paid plan includes a built-in VPN, which may appeal to users who want an all-in-one privacy tool.
The Browser Built-In (Chrome, Edge, Safari)
Most browsers now include a built-in password manager, and while these are better than nothing, they have limitations — they're tied to that browser, less feature-rich, and not as portable. If you're currently using nothing, a browser manager is a reasonable first step, but a dedicated app is more secure and flexible.
How to Get Started in Three Steps
- Choose a manager and create an account. Download Bitwarden, 1Password, or your preferred option and install the browser extension. Create your account with a strong master password — something long and memorable, like three random words strung together with numbers and symbols. Write this one password down and store it somewhere physically safe, like a locked drawer. This is the only password you must never forget.
- Import your existing passwords. Most password managers let you import passwords saved in your browser with one click. This gets all your existing accounts into the vault immediately.
- Update weak and reused passwords gradually. The manager will flag accounts with weak or duplicate passwords. Work through these over a few weeks — there's no need to do it all at once. Each time you log into a site, let the manager generate a new unique password for it.
What About Two-Factor Authentication?
A password manager pairs exceptionally well with two-factor authentication (2FA). With 2FA enabled on your important accounts — email, banking, social media — an attacker needs both your password and access to your phone or authenticator app to log in. Even if your password is somehow compromised, 2FA stops them in their tracks.
Most password managers can also store your 2FA codes alongside your passwords, making the login process seamless rather than disruptive.
What If My Password Manager Gets Hacked?
It's a fair concern, and the honest answer is that no system is completely immune. However, reputable password managers use end-to-end encryption — your data is scrambled before it leaves your device, and only your master password can unscramble it. Even in the event of a server breach, attackers would obtain only encrypted data that is computationally infeasible to crack with a strong master password.
Compare this to the alternative — reusing weak passwords — and a good password manager is by far the safer option.
Already Been Hacked? We Can Help
If you suspect your accounts or computer have already been compromised — unusual login alerts, emails you didn't send, accounts you can't access — our virus and malware removal service can check your system for keyloggers and other threats. We can also help you identify whether you've been targeted by a phishing attack and advise on the best steps to secure your accounts.
We work with home users and small businesses across Edinburgh — including Stockbridge, Bruntsfield, Marchmont, Leith, and Corstorphine — and can also assist remotely via our remote support service. Book an appointment online or get in touch and we'll be happy to help.