The Best Password Manager Is the One You'll Actually Use

This week, we’re excited to share a guest post from our friend Brian Smyczynski at partNERD IT Services. Brian runs a Houston-based MSP that provides IT support, cybersecurity, VoIP, and virtual CIO services for small and midsize businesses across the country.

With nearly 30 years in the trenches, Brian knows what works, and what doesn’t, when it comes to tech habits. His perspective on clear communication mirrors ours (except he’s way angrier about printers). This piece is a perfect companion to our recent series on password managers.

What to Do When a Password Manager Still Feels Like Too Much

We all know the rules by now: use unique, complex passwords for every site. Store them in a password manager. Don’t reuse “Fluffy1962” for your bank login.

And yet... most of us still rely on a small handful of passwords we can actually remember.

Let’s be real: if you sign up for a password manager but never use it, it’s not doing you any good.

• Maybe the app feels intimidating.

• Maybe you’re always in a rush and don’t want to pull out your phone every time.

• Maybe your browser has stored your passwords for years and you can’t remember your master password anymore.

Or maybe you’re just set in your ways and don’t want one more thing to manage.

That’s okay. The good news? There’s a middle ground. One that’s far more secure than reusing “Fluffy1962” across the internet, and still manageable even if you’re not ready to go all-in on a password manager.

Why Unique Passwords Actually Matter

Unless a hacker is targeting you specifically (which is called spear phishing), they’re not sitting there trying to guess your password by hand. They’re playing a numbers game.

Here’s how it works:

• Hackers break into low-security sites and steal lists of usernames and passwords.

• Then they try those same credentials on higher-value sites — think banks, email accounts, and online retailers.

• If someone reused the same password across sites, jackpot.

This is called credential stuffing, and it’s one of the most common attack methods out there.

But here’s the thing: even a slightly more complex, unique password can stop them cold. Why? Because attackers are lazy. They’ll always go for the easiest target. You don’t have to outrun the bear, you just have to outrun the other guy.

Not Ready for a Password Manager? Try This Instead

Password managers are still the best way to go. But if you’re not ready yet, try this simple system to make better passwords — ones that are easy to remember and harder to crack.

Step 1: Choose a Base Word

Pick something short and meaningful to you. For example: beer.
(But please, don’t actually use “beer.” It’s public now.)

Step 2: Make It Stronger

Capitalize the first letter. Replace vowels with numbers:

• A → 4

• E → 3

• I → 1

• O → 0

Add a special character in front. So: beer becomes #B33r.

This is your suffix. It stays the same across sites.

Step 3: Customize by Site

Add a prefix based on the website’s name. Use something simple and memorable, like the first syllable:

• Facebook → face#B33r

• Instagram → insta#B33r

• Your bank → bank#B33r

These passwords are unique for each site and meet most sites’ requirements. They:

• Are more than 8 characters

• Include uppercase, lowercase, numbers, and a special character

• Are easier to remember than random strings

• Throw off automated attacks

And if one of them gets leaked, the hacker would still have to figure out the pattern. Most won’t bother.

Next Steps?

This system is a great starting point. But eventually, you should consider using a proper password manager. A good one will:

• Create truly random, ultra-strong passwords

• Auto-fill logins on websites and apps

• Sync across your devices

• Store everything behind one master password

• And does other great stuff

Pair that with two-factor authentication (2FA), you’ve got a powerful defense against most common cyberattacks. You can find simple instructions for enabling 2FA on your most-used sites here.

Final Thought: Security Isn’t All or Nothing

Even small changes help. Switching to a unique, semi-random password system is a big step up from reusing the same one everywhere.

So whether you take your first step today or jump straight into a password manager tomorrow, just keep moving forward. Your digital life is worth protecting.

What else is brewing…

Join us for tea!

CybersecuriTea is a free, plain-English guide to digital safety, designed for families, friends, and the folks you love. Subscribe today and get weekly tips to help keep your digital life secure.

Or, if you’d like to support our work and keep the kettle warm for everyone:

Issue # 6