Password managers are meant to solve the chaos of creating and remembering passwords, but they can quickly become a mess of their own. After a while, your password manager can get clogged up with accounts you don’t use anymore, suffer from poor organization, and become a pain to use.
Thankfully, I have practical steps to help you declutter your password manager and turn it back into something useful. If you haven’t thought about your password list in a while, it’s time to dive in and tidy it up.
I use 1Password, but these tips should apply to most password managers.
Delete accounts you don’t need anymore
The most important step for a clean password manager is cleaning up entries you no longer use. You might have logins from an old job, sites that are no longer online, duplicate logins, or other buildup that serves no purpose.
If your password manager has an option to sort by Recently used or Frequently used, start with that to look over your least-used items. Also, delete any “false positives” that come up when you autofill common logins.
1Password has separate item categories for Logins and Passwords. The former are full profiles for an account, while the latter are lone passwords that 1Password created. In my experience, items marked as Passwords can be deleted; these are usually my first attempt at a password that didn’t meet the site’s requirements or similar.
If you use this login type for passwords without an associated login, like door codes, voicemail passcodes, or similar, be sure to double-check them before erasing.
Duplicate accounts are another issue to look for, though be careful not to treat two separate logins for the same site (like a work and home Google account) as duplicates. I label separate logins for the same site with parentheses, like “Google (Personal)” and “Google (MUO)”. It’s always wise to try logging in to make sure you’re keeping the right account before deleting anything.
1Password has a Recently Deleted panel where items live for 30 days before being permanently deleted. Make sure you don’t need the account before erasing it. In the next step, we’ll deal with any items you’re not sure about.
Archive or move old logins to a separate vault
Next, you should deal with items you can’t delete yet, but don’t want sitting in your main vault either. 1Password offers an Archive option that prevents items from appearing in search and autofill, but keeps them accessible under the Archive tab forever.
If your password manager doesn’t have this, create a separate vault to store these old accounts. If possible, prevent that vault from showing up in search, so it’s treated as an archive.
on, you should occasionally wade into the Archive tab and see if you’ve needed any of the logins recently. If not, those are more you can delete.
Mark your favorites for easy access
We don’t use all the passwords in our manager every week. To keep the important ones at the forefront, you should mark them as Favorites; most password managers have this on the right-click menu.
This makes it easy to jump to your most-used logins, especially on your phone where screen space is limited. Having that shorter list to reference makes your password manager less overwhelming for day-to-day use.
Tag items properly
Utilizing tags is another great way to bring order to your password manager list. Grouping items by purpose, like Email, Entertainment, Gaming, and Shopping, lets you find what you’re looking for when you can’t recall what you want to search.
Categorizing your logins is also a good way to make sure you have all your accounts saved in your password manager. If you look at the Entertainment tags and realize your Netflix account isn’t there, it’s a cue to change that password to a randomly-generated one from your manager.
Use the right categories for non-password info
Your password manager should offer many data categories beyond passwords and logins. When you create a new item in 1Password, you can choose from types like Credit Card, Driver License, Passport, or Wireless Router. These have specialized data fields for that type of information, making it easier to fill them out and review the data.
Secure Note is a good catch-all, but before using it, make sure you aren’t ignoring one of the other useful categories. It’s worth checking your existing notes to make sure they aren’t holding data that’s better put elsewhere (like a password or backup code).
Of special importance is the Identity item type. This lets you fill in personal info that websites always ask for, like your full name, date of birth, address, and phone number. When signing up for a new account, you can fill all this info with one click to save time and avoid typos.
Check for security issues
Your password manager likely includes a suite of tools to help you improve overall password hygiene. In 1Password, this is called Watchtower. Once you’ve done all the cleanup above, you should make sure your remaining passwords are strong.
1Password tells you when passwords may have been leaked in a data breach, which passwords you’ve reused, those that are too weak, and even sites where you can switch to passkeys. Since even strong passwords aren’t bulletproof, it’s important to consider these ways to further upgrade your security.
Take the time to upgrade weak passwords, remove any duplicates you missed, and change passwords on services that have recently been breached. It’s not always feasible to achieve a perfect security score, but this page helps you fix the worst issues.
Perform final polishes
Now, your password manager is free of old, weak, and duplicate entries, plus you have everything tagged properly. To wrap up, it’s worth touching up individual entries and making sure your password manager options are set correctly.
Most sites now use HTTPS for secure connections. Search for “http://” to find entries using insecure HTTP links, and change them. If a site doesn’t use HTTPS, it’s fine to leave it as HTTP, but remember your connection to the site isn’t secure.
While you’re checking the URLs for your saved logins, it’s worth updating the links if they’ve changed. Your password manager will only autofill on sites that match the listed domain (you can add more than one website for a login; I have Sony and PlayStation under the same item). And if you open websites by clicking them in your manager, you don’t want to have to wait for a redirect every time you click a login.
It’s also wise to clean up the names of sites in your manager, as these sometimes use the URL instead of the friendly site name. For instance, my Wikipedia account appeared under “en.wikipedia.org”, which looks ugly and messes up alphabetical order.
Remember that each login item has a Notes section where you can record 2FA backup codes, security question answers (preferably made-up), and other information. It’s better to keep this tied to the website’s item instead of keeping it in a separate note.
Finally, a tidy password manager
It’s a daunting task to clean up a password manager that holds years of data, but with my systematic approach, you can make it a more streamlined collection. Clearing out old entries, keeping your most-used logins at the top, and knowing everything is where it should be will reduce wasted time.
This is also a good time to fix any common password manager issues you’ve been running into.
