Do you use a password manager tool for your personal and/or business passwords?
In today’s world where we use so many passwords for our online experiences, we highly recommend it. First let’s discuss what a password manager is and how it works.
The average computer user has hundreds of personal web-connected services they currently use or have used in the past. In the business world, you may have many more. As you know, to login to these services you need a username (oftentimes your email address) and a password. This info, along with other methods of authentication to prove it’s really you, are the main defenses stopping hackers from accessing your accounts.
Cyber criminals are able to easily find email addresses and have become very skilled at guessing passwords by using automated software. As an example, they could try a common word attack, where the software will try thousands of everyday words as the password. If they have any other personal data about you like your favorite color, pet’s name, child’s name or favorite sports team, this could help them in their efforts. (not hard to find this info on your social media accounts) They may also try what is known as a brute force attack, trying millions of combinations of characters.
The easiest way for a hacker to gain access to your accounts is to discover a password you use on one service and try it on other services. Reusing your passwords creates a situation where it only takes one service to have a breach that can put many of your accounts at risk.
That is why this password advice is very simple but effective:
• Use long, randomly generated passwords, or password phrases like “dog-coffee-black-chew-fish”
• Don’t write down passwords on a sticky note next to your computer, or record them in unencrypted files
• Don’t re-use passwords for more than one account
The hard part is that even if you follow the above advice, it’s highly unlikely that you can remember all those complex passwords and password phrases, especially since the average person uses almost 200 different logins. And, frequently resetting passwords you can’t remember is just annoying. So, people find ways to cheat. Human nature causes us to do this because we’re all looking for ways to make our lives easier.
At work it is likely that your team will use weak passwords, re-use the same password across several accounts, or use a good complex password, but leave it in full view on a sticky note on their monitor. You think this wouldn’t happen these days, but we see it a lot! This is why a password manager tool is so valuable and should be one of the main things you do in your personal and business life to help protect your accounts.
The nice thing is that not only is it a good cybersecurity practice, it also is more convenient! You can integrate it between your computers and mobile phones, making it easy to access your accounts from various devices. They are compatible with PCs, Macs, iOS and Android mobiles and tablets. When you need a new password, it can randomly create one for you. A very strong password that’s not easy for humans to read (ideally at least 16 characters). And it will use special characters too, such as ^, @ and %. Then it will store that password in an encrypted database. When you are ready to login to an account it will automatically fill in the username and password for you. All this without having to actually type anything yourself. Security and convenience in one awesome piece of software. You could even use it to share personal passwords with your family.
And, by using the business version of these password manager tools, you gain access to some great features. For example, you can assign passwords to an employee to use via the password manager and they can use them to login to their business accounts without even knowing what the password is. Then, if you ever need to revoke access (i.e. in the event of a termination), you can simply disable their password manager account and they will lose access to all the passwords that were assigned to them. Or you can revoke access to one or more accounts in the event their work role changes.
Are there any downsides?
Of course, having all your passwords in one database is potentially a downside. Cyber criminals only need to break your master password and they can get into the password manager database and have access to all your accounts. But there are extra precautions that we recommend you always use. First, use a very strong and complex master password. Since you now only have to remember one password, make it a good one. Secondly, always use the built-in Multifactor Authentication (MFA) feature to make sure that you get a text or some other notification that requires you to authorize a new login to your password manager. Another sensible protection is to use biometrics such as Face ID or fingerprint recognition.
Can you completely eliminate the risks of having your passwords stolen? No. But using a password manager is much safer than not using one. Password managers make your life more secure, and more convenient!
As a Managed Service Provider we highly recommend password manager tools to our clients. Reach out to us today and let’s talk about what tool is right for you!
#passwordmanager #cybersecurity #passwordhygiene #managedserviceprovider #computersupport