SUMMARY BY CHATGPT

In this podcast episode, entrepreneur Tom Antion discusses the importance of using a password manager to improve security, reduce risk, and save time.
Key Points
1. Password managers solve a common problem
• Tom frequently encounters people who waste significant time trying to remember or locate passwords during meetings and consultations.
• He considers poor password management both a productivity issue and a security risk.
2. What a password manager does
• Stores usernames, passwords, secure notes, credit card information, and other sensitive data in an encrypted vault.
• Requires only one master password to access everything.
• Generates long, complex, unique passwords for every account.
• Can automatically fill login forms and log users into websites with one click.
3. Password reuse is dangerous
• Every online account should have a unique password.
• Password managers make this practical because you don't need to remember individual passwords.
• Some password managers can alert users when a password appears in a known data breach.
4. Enable Two-Factor Authentication (2FA)
• Tom strongly recommends enabling 2FA whenever possible.
• Even if a password is compromised, an attacker would still need a second verification method such as a code sent to your phone.
• He compares it to adding extra locks or an alarm system to a house.
5. Avoid browser-stored passwords
• He advises against saving passwords in browsers like Chrome, Edge, Firefox, or Safari.
• His reasoning is that browsers are common attack targets and may expose credentials if a computer is compromised.
6. Avoid password spreadsheets
• Storing passwords in Excel or text files is risky.
• Malware, phishing attacks, theft, or hardware failure could expose all credentials at once.
• He notes that business-critical passwords should never be widely shared.
7. Plan for family and business continuity
• Consider how a spouse or family member would access important accounts in an emergency.
• Use separate credentials for contractors and revoke access when work is complete.
• Have a recovery plan for the master password.
8. Recommended password managers
• Tom personally uses RoboForm and has used it for many years.
• He also mentions 1Password as another well-known option.
• He encourages listeners to research and compare password managers before choosing one.
9. Protect the master password
• The master password should be strong and difficult to guess.
• Avoid common or personal information such as pet names, birthdays, or simple patterns.
• Automated tools can test millions of password combinations per second.
Main Takeaway
Tom's central message is:
Use a reputable password manager, create unique passwords for every important account, enable two-factor authentication, and stop relying on browser password storage or spreadsheets. Doing so greatly improves both security and convenience.

===

Episode 1135 – Password Managers
[00:00:08] Welcome to Screw the Commute. The entrepreneurial podcast dedicated to getting you out of the car and into the money, with your host, lifelong entrepreneur and multimillionaire, Tom Antion.
[00:00:24] Hey everybody, it's Tom here with episode 1135 of Screw the Commute podcast. Hey, we're going to talk about passwords and password managers today. I've been using one for many, many years and it'll do all kinds of cool stuff. All right. Let's see. Hope you didn't miss episode 1134. That's why I quit ChatGPT dot dot dot for one specific thing. I went to Claude and I'll tell you why in that episode. Anytime you want to get to a back episode, you go to screwthecommute.com, slash, then the episode number. Why I quit ChatGPT was 1134. All right, pick up a copy of my automation book at screwthecommute.com/automatefree. You can grab episode version 3.0, but I am about halfway done with 4.0, but a lot of the stuff in 3.0 is still good, so you can get started right away. screwthecommute.com/automatefree, and then wait for version 4.0. That adds a whole bunch of stuff. We take a few things out of 3.0, but mostly we're adding to it. And check out my mentor program, greatinternetmarketingtraining.com, and my school at IMTCVA.org, certified to operate by SCHEV.
[00:01:46] All right. I can't tell you. I really cannot tell you how many times people paid a lot of money to talk to me. And I'm sitting there on a Zoom call, and 20 minutes later, they still can't get into what they wanted to show me. All right. This is just not acceptable. That's telling me that they are fooling around, wasting enormous amounts of time and creating a lot of risk for themselves by not having a handle on passwords.
[00:02:21] All right. Password manager can store user IDs and passwords. Notes encrypted. So all your important stuff. Credit card numbers, documents, all that kind of stuff. And it's under one master password. But then it creates really crazy passwords. I'll get into the benefits of it in a minute, but so that it's very difficult for somebody to guess or hack your password. Now I happen to use Roboform. For many years I used to carry it on a thumb drive, a portable version of it around my neck on a lanyard, and unless you knew the master password, you could take the lanyard. I could drop it, lose it, and you still couldn't do anything with it because its military grade encryption. So what they do is they create crazy passwords that you'd never be able to remember. But see, you don't have to remember it remembers it, and it can auto fill like this is called like one step login or one click login. So let's say I want to go to eBay. I can just click my roboform eBay. It goes to the login page, puts my username and password in and logs me in automatically, instantly. Okay, with some crazy password that I couldn't remember in a million years. So each account that you have can have a unique password. You don't have to remember it. And some of these managers will alert you if that password happens to appear in some known breach. You know, TransUnion. I think it was TransUnion got hacked for millions of accounts and everybody gets hacked.
[00:04:25] I mean, these big companies are targets for hackers that they can grab 5 million credit card numbers and go, you know, do fraudulent charges and all that stuff. So you got to protect yourself. You can't depend on all those companies forever being perfect. It's just it's just not realistic. And then another thing you should do is whenever possible, when you have the option, you turn on what is called two factor authentication. I think it's authentication. Yeah. Whatever it is. But it's two factor is the first part. And basically what that's like is let's say your password is like the front door to your house. Well, the two factor is like, I don't know, additional deadbolts or even an alarm system. Okay. So even if they crack your password or get it somehow, you still are going to get a notice that they have to have your pin or your, your, uh, you know, they send you an authentication code and, you know, so you're going to get noticed before anybody can actually get in to your stuff. Okay. So it's worthwhile turning that on, even though it can be a pain in the neck. I get that. But here's some things you should not be doing with your passwords. One and this is my opinion because this is very convenient, but it's called browser storage. Every time I go somewhere it says, do you want to save this in the browser? No, I don't, because all these browsers are very well known.
[00:06:12] And again they're going to be targets. And if somebody does happen to get access to your computer, you're very vulnerable. And so it's very susceptible to hacking. So even though it's got major conveniences that I'm not even going to go over because I don't want you taking the easy route and then blaming me because you got hacked. All right. But I just would not do that. Another thing, people put a spreadsheet on their computer full of their passwords. Well, again, if you get malware in there, any kind of phishing attack, somebody could grab the whole spreadsheet and then get everything you own. Or your computer could die if you didn't have a backup somewhere, or if you got stolen or somebody broke into your house and your computer was on and you don't have a password to get in, they just sit there and, and, and Katy bar the door. And, and sometimes if an employee leaves, you know, they're going to have a big spreadsheet of all your passwords. Now, I do have such a thing, but it doesn't it doesn't cover super important things. Like nobody except me and my family know anything about the, the money aspect. All the bank, the bank accounts and the, the merchant account and all that stuff is unique passwords that nobody that works here has and I and it doesn't mean I don't trust those people. It just means that's a very poor way to run a business. I wouldn't expect them to give me even though I'm. You know, I guess they consider me highly trustworthy.
[00:07:58] I wouldn't expect them to give me their banking information. So. So there could be times when maybe your accountant might need it and so forth, but then you go change it after they're done. So, so what I want you to think about here and, and there's, there's two major ones that I know of. I only use roboform, but there's one called one password very well known and there's others. So you just put in password managers, but if it has anything to do with being stored in your browser, my not so humble opinion means don't do it. Okay, but here's some things you think about. Uh, do your spouse, if something happened to you, if you got run over by a bus yesterday, can your spouse and family get into your stuff? What about contractors that might need access. Well, that's probably a good idea to give them a unique password or a user user ID and password combo when you're allowed to have teams on a particular thing, and then when they're done with their work, cancel the whole thing out or change the password if you don't have a team function on it. And what about emergency access or recovery if you forget your main password? I know for a long time Roboform, you're screwed. All right. But they have changed that sense. But but, uh, you want one master password that nobody knows about. So what you need to do is quit using your browser and erase it all. I don't even know how just Google it on or YouTube, but on how to erase browser passwords because I never used them and I never, never will.
[00:09:44] By the way, and don't use multiple passwords on anything that's important. You know, I do lots of little stuff that's, you know, I'm working this all day, every day, 24 over seven, not 24 over seven, but seven days a week. I'm on here doing something. And if it's something that's not important, I might use a password over again. But if it got hacked, it wouldn't make any difference. You know, they get nothing. Okay. But pick a password manager. Go, you know, Google or YouTube it and get reviews on them and so forth. See what they'll do. But I'll tell you what, it's just been great for me. I've been I've got I'm probably asking you to try to crack mine, but God help you if you do, you better be a super hacker. But, you know, it'll hold all kinds of stuff, like your Social Security numbers of you and your family and things. Like I said, it's military grade encryption. You'd have to have a high level hacker to, to crack this and don't use some stupid thing for your master password. Like your dog's name with an exclamation point, right? Those are easy to crack with, and it's not like they think it up like you see on TV, that they're looking around your house and looking at the wall and oh, that picture has a name on it. That's your password. No, they just have a bot's that can go through millions of passwords a second and guess it if it's something easy.
[00:11:15] So don't make the master password something super easy. All right. That'll mess you up. All right, but get yourself a password manager. Learn how to use it. You know, it's not you're not going to do it all in one day because you're going to start saying, oh, I should probably put this Social Security information in there. I should probably put, um, all the, uh, the kids Social Security numbers in here. And, you know, you'll think of things all the time, over time that you'll want to put in there so that it's highly encrypted. And, you know, no matter if somebody gets your computer, if somebody tries to hack you remotely, if they steal your computer out of your house, they can't get all that stuff. Putting it in the browser to me is very, very, like I said, convenient, but they're targets for hackers. All right. So that's my story and I'm sticking to it. Don't get on a call with me and then wait a half hour before you can show me what you want to show me. All right. How about that? All right. So check out my mentor program. Greatinternetmarketingtraining.com. And my school IMTCVA.org, certified to operate by the State Council on Higher Education in Virginia. But you don't have to be in Virginia because it's quality distance learning. All right. We'll catch you on the next episode. Let's see. Have a great weekend.