How to convince older family members to use Password Manager?

[mayank11280]

I have some older family members who are facing issues with mandatory periodic password changes, that too requiring complex passwords by many websites but especially the banks (you know which one I am talking about).

I have tried convincing them to use a password manager. But they feel it’s a big hassle. And I can’t blame them, especially when changing password is required. Changing password in password manager is such a tricky thing, especially with BitWarden that I can’t recommend it. I haven’t found any easy in Apple Passwords either. (They are in Apple Ecosystem)

So, my questions for you:
1. How to convince the older members to use a Password Manager?
2. Which PM will be the best for their use cases, considering regular changes required?

 

[ishanjain28]

I self host bitwarden. I signed up 24 family and friends and around 18 of them still use it regularly.

What helped me was,

1. Installing and logging it in on all their devices.
2. Teaching them how to use it and why it was beneficial. Almost all of them were either reusing passwords and had lost accounts before or they kept forgetting password and had to reset it every few months.
3. Over the next few months, Just being there to help them out. They had questions on adding new entries or changing passwords or saving additional data for a website.

For you, I think it's important to make them realize the value of using a password manager. Play it by telling them, They only ever have to remember 1 password and nothing else!!

As for the complexities of changing passwords in the manager, I suggest trying out 1password. If the experience is subpar there, then that's just how things are for now and there is nothing you can do.

Also since you mentioned regular changes are required, I am guessing these websites are written by obtuse people who intentionally make lives harder for people who use password manager. So that's just extra annoying.

As an example, Bitwarden does support updating password for a website when it detects it was changed but bank websites intentionally overwrite the text field with gibberish and send the real password separately so if you click on that change password button shown by the password manager, It'll set the password field in record to garbage and your real password will be lost.

Idiotic acts like this require extra care from password managers and most afaik have not gotten around to it yet.

 

[bane]

Forget the older. I can't seem to convince my 24 yo colleague to use bitwarden. He will go though the "forget password" hassle at-least twice a month rather than using a password manager.

 

[tearphones]

Forget the older. I can't seem to convince my 24 yo colleague to use bitwarden. He will go though the "forget password" hassle at-least twice a month rather than using a password manager.

I have faced this too. Sadly, because of the prevalence of this kind of attitude, websites are moving more and more to OTP authentication with phone number only, and no other options, which makes me sad. Logging in with a password manager is just so convenient.

 

[bane]

I have faced this too. Sadly, because of the prevalence of this kind of attitude, websites are moving more and more to OTP authentication with phone number only, and no other options, which makes me sad. Logging in with a password manager is just so convenient.

SMS based otp are the most inconvenient (atleat for me) and vulnerable security feature. I read a reddit post how his account was compromised when some random apk had access to all his sms. Also, the otps are delayed (some, if not all) which annoys me a lot. Because of all banks using sms otp, I have to keep an extra sim active for no reason. I think other than Zerodha and few other brokers, no financial service brand uses totp in India, right?

 

[ToroVolante]

Forget the older. I can't seem to convince my 24 yo colleague to use bitwarden. He will go though the "forget password" hassle at-least twice a month rather than using a password manager.

Same man. I think they just don't have the curiosity to explore the settings and setup process. They give up way too fast.

Also, has anyone got Bitwarden passkeys to work on android. Not browser, just the OS. I use Firefox and I don't see BW adding support for Firefox anytime soon, apart from the extension.

 

[soulweaver]

Also, has anyone got Bitwarden passkeys to work on android. Not browser, just the OS. I use Firefox and I don't see BW adding support for Firefox anytime soon, apart from the extension.

The issue is not bitwarden or firefox. It is the way passkeys are implemented.

The ecosystem has a jumble of competing workflows, appearances, and capabilities that vary depending on the particular site, OS, and browser (or browser agents such as native iOS or Android apps). And each implementation strong-arms the user into choosing the vendor's preferred choice.

So when you create a passkey from Firefox, it will simply not allow you to login using a passkey on bitwarden. There’s a lot of uniformity that needs to be brought about.

 

[aadilxdev]

you know like just get them started maybe with google password manager and authenticator itself since its inbuilt they will like the flow then introduce something else if you for instance self hosting bitwarden since they already used google password manager it might be easier for them to transition then [hope this helps]

 

[ToroVolante]

The issue is not bitwarden or firefox. It is the way passkeys are implemented.

The ecosystem has a jumble of competing workflows, appearances, and capabilities that vary depending on the particular site, OS, and browser (or browser agents such as native iOS or Android apps). And each implementation strong-arms the user into choosing the vendor's preferred choice.

So when you create a passkey from Firefox, it will simply not allow you to login using a passkey on bitwarden. There’s a lot of uniformity that needs to be brought about.

I know that is this the reason I was asking if they got it working on android OS, because Bitwarden says android OS and chrome on android is supported. I haven't got it to work even after doing all the fixes listed on Bitwarden forum

 

[soulweaver]

What needs fixing is the standard!

 

[Futureized]

So, my questions for you:
1. How to convince the older members to use a Password Manager?
2. Which PM will be the best for their use cases, considering regular changes required?

You can convince (not at all, speaking from my personal experience)
I had to convince them to believe, without password manager, members wont be allowed to do internet related banking or other activities.
Go with 1Password, there are some shared folders/items which can help centrally keep a track of most common family related logins.

I started convincing my kid to use a Password Manager, by resetting his passwords few times without his knowledge (saying this account has been hacked) later my wife. But since last 2 years they are now addicted to Password Manager.
I also made them addict to a Todo Manager = ticktick.com

 

[Emperor]

You are here as they are not listing you, forget it, they will not listing you till they get a rude/cruel shock of loss due to password issue.. may be my words are hashed but it's reality with90% elders.

 

[dvader]

You are here as they are not listing you, forget it, they will not listing you till they get a rude/cruel shock of loss due to password issue.. may be my words are hashed but it's reality with90% elders.

Honestly, if they just have one or two netbanking passwords let them be. They are adults and they can figure out their needs, every time I have tried to push a QoL/security improvement to their workflow, it has come to bite me in the ass. And forget about elders, try convincing a teenager to use Bitwarden. And never tell your elders that a secure service is Free, I signed up an uncle of mine (after a suspicious activity in his account) for Bitwarden Pro, and told him it would help him avoid such occurrences, he is happy now.