Journal Logo

Doc APProvED

Doc APProvED

A Password Manager for Surviving Digital Dangers

Mohseni, Alex MD

Author Information
doi: 10.1097/01.EEM.0000488827.63683.e9

    We hear near-daily news of ever-recurring data breaches, ransomware-based EHR failures, and mostly unintentional — yet still costly — HIPAA violations, and the prudent physician should make sure that he is not the source or cause of these violations (unless you have a fondness for grabbing headlines in your local paper).

    Much of our hospital-based security apparatus relies on the integrity of our passwords. The cognitive load is simply overwhelming, however, if you are forced to change passwords every 90 days and barred from using any of your previous 10 passwords for different systems among different hospitals.

    The only reasonable solution is to unload this cognitive burden onto a trustworthy and safe system (or convince your hospital to install a biometric-based single sign-on, but most hospitals don't appear to really care about convenience or cognitive loads). The answer is to use a password manager. Two password managers dominate the market, and you should simply choose one and use it: 1Password and LastPass. (I use 1Password.)

    Both are easy to use, work on all of your devices (Windows, Mac, Android, and iOS), and do everything you need a password manager to do. Password managers function by running in the background of your computer or browser, and they suggest long, complicated, and unique (and therefore more secure) passwords when they see you signing up for a new service. And they remember the passwords for you. The next time you visit that website, the software will ask you for your master password (which unlocks the password manager), and then will log you in. Most hospitals will not let you install your own password manager onto their computers, so the workaround is to manually input your hospital passwords into your manager for reference on your mobile device at work.

    Unless you want to be the source of a data breach at your hospital or the victim of identity theft, a password manager is mandatory for surviving today's digital dangers.

    Share this article on Twitter and Facebook.

    Access the links in EMN by reading this on our website or in our free iPad app, both available at

    Comments? Write to us at

    Wolters Kluwer Health, Inc. All rights reserved.