Why Your Business Needs a Password Manager to Stay Safe
Passwords. We can’t get through the day without them.
From logging into our social media accounts to managing our online banking, those little strings of letters and numbers are necessary for just about any activity we conduct online.
We know they’re important. We know they keep our data safe. And we know they should be strong and complex to avoid our data being stolen.
Yet, when faced with the ‘choose password’ field, it’s always tempting to create a password we’ve used before. One we’ll remember again in a few days’ time. After all, we’ve all faced the frustration of repeatedly trying to guess a password only to be locked out of an account we need access to right now.
But reusing passwords is a risky strategy. When websites encounter a cyber attack and data is stolen, the hackers can then try those same passwords on other websites. So, if you’ve used the same password elsewhere, you could be giving the crooks easy access to many of your important accounts. And if they have your password, chances are they also have your email address, username and other personal information.
The importance of strong passwords
Often, we opt for weaker passwords on sites we think don’t matter so much. Your gym or library account for example. Then we take care to choose stronger ones on the sites we deem more important, such as our online banking.
The problem is any website – big or small – can be at risk from cyber criminals. And once they have your data from one source, they can then use it elsewhere.
Even if you’ve followed the rules and used different passwords on different websites, the hackers might still be able to gain access using your other personal data. By using the ‘forgotten password’ option on subsequent sites, they can bypass the need for a password, by using other security data like your date of birth.
If you’ve fallen into the habit of using weak passwords, or re-using the same password, you’re not alone. Security experts have found that the majority of people use weak passwords and reuse the same password over and over on different sites. Meanwhile, a report published by telecommunications company Verizon found that 81 per cent of data breaches were caused by weak or reused passwords.
Creating strong passwords
Cyber security best practice recommends choosing a unique password for every website that you use.
A strong password should be:
- Over 10 characters long
- A combination of numerals, letters, symbols
- Unpredictable – i.e. not identifiable words
That means stringing together recognisable words is no longer recommended. The old trick of substituting letters with numbers or characters isn’t enough either as the hackers’ software easily gets around this.
So, [email protected]@t would be considered a weak password. Meanwhile ZUas=.4r%VzA would be strong as it contains no recognisable words but does contain a mix of characters with numerals, plus upper and lowercase letters.
Of course, when you use several websites a day – and perhaps hundreds over a year, remembering strong random passwords is pretty much impossible.
So, what’s the solution? You need passwords that are secure. But you also need to gain easy access to your accounts when you need them. The answer is a password manager.
What is a password manager?
A password manager is an online tool that stores your login information for all the different websites you use. Once you’ve set up your account with a password manager, you’ll be able to log into other websites automatically – without needing to remember each individual password. The only password you need to remember is the master password for the password manager tool.
Are password managers safe?
A high-quality password manager is safe because your information is encrypted within the system. That means no-one can see or steal your passwords.
The best password managers also offer a host of other features, making your everyday experience of using the web easier and simpler. Here are 10 benefits that password managers offer:
1. No more weak passwords
Without a password manager, the risk is that you and your colleagues will continue to create easy-to-remember passwords. But of course, if a password is easy to remember, it’s also easy to hack! A password manager will ensure your passwords are strong and alert you to any that fall below the recommended strength.
2. Generate random passwords
Trying to create your own random passwords can be harder than it sounds – particularly if you’re attempting to get a good combination of letters and numbers plus upper and lowercase characters. You can save time by letting your password generator create strong passwords for you automatically.
3. Easy access to accounts with stored log-ins
Once you’ve set up your password manager, you’ll be able to access your accounts quickly and easily. No more racking your brain trying to remember which password you used on a particular website. And no more having to click the ‘forgotten password’ link and wait for the email.
4. Increased efficiency
When your employees need access to various accounts throughout the working day, forgetting passwords can add up to a lot of wasted time and frustration. With a password manager, your people will be able to log in the minute they start work and have access to everything they need. Not only does this boost productivity but it also creates a better work environment with motivated staff.
5. Easily update your passwords
If you’ve realised you’ve been using weak passwords for years, you might be worried about all the accounts you have out there that need updating. Going through each one to change your password to something more secure could be a time-consuming and laborious job. Password managers make the process easier by identifying the accounts where you use a weak password.
6. Use the convenient autofill feature
With a password manager, you can set up autofill to make registering on new websites quicker and easier.
7. Share passwords securely
Often in business, colleagues need to share passwords with other members of the team. With a password manager, this can be done securely, without compromising other data. You also have the option of whether or not you want to make the actual password visible for the recipient, when you share it via a password manager.
8. Store more than just passwords
Some password managers let you store other important data such as credit card info and confidential notes. That means everything is conveniently in one place with the peace of mind that it’s safe and secure.
9. Use the same password manager across multiple devices
We all use our devices differently at different times of the day. For example, you might want to log-in to your online banking on your PC when you’re at work – but from your smartphone when at home. You can set up your password manager to work across multiple devices, so you can easily log into accounts from your laptop, phone and tablet throughout the day.
10. Safeguard against phishing
Password managers can help against phishing attempts as they enter account information based on a website’s URL. So, for example, if you’ve been taken to a fraudulent site that looks just like your bank’s website, the password manager will not automatically fill in your log-in information. This will give you the opportunity to recognise that you’ve been taken to a different website.
How do I get a password manager?
There are lots of different password managers available. Many offer free versions but you can also upgrade to a paid account, depending on what features you need. Take a look online to research different options and then you can subscribe to your chosen one via their website.
You may find that your web browser already comes with its own password manager tool. However, we don’t recommend relying on these as they are not as dependable as a dedicated password manager. Often with a browser-based manager the data is stored in an un-encrypted format on your computer, making it less secure. In addition, browser password managers don’t often have the extra features that come with dedicated password managers.
Which is the best password manager?
The password manager we recommend to our clients (and use ourselves) is LastPass.
LastPass is a cloud-based password manager that can be used on any device and with any browser or operating system. It offers a number of powerful features and security enhancements such as two-factor authentication options to keep your password vault protected.
With LastPass, your passwords are stored on the system’s servers in an encrypted form. Your passwords are decrypted and encrypted locally when you log in – that means even LastPass itself cannot see your password.
Getting started with a password manager
The first thing you’ll be asked to do when starting with most password managers is choose a master password. This one password will give you access to your whole database of other passwords – so it’s important to make it strong. The good news is that this will be the only password you’ll need to remember in the future. Most password managers will offer to generate a strong password for you, so you don’t need to agonise over which combination of letters and characters to choose.
Once your password manager is installed, you’ll be able to start changing your existing passwords across all your various accounts to ensure they are secure. Depending which password manager you are using, it may even offer to identify and replace any weak or duplicate passwords for you. This is a good step to ensure that you are not using the same password across a variety of websites.
Creating strong passwords is one of the most important steps in protecting yourself against cyber-attacks – both at home and in your business. As cyber criminals develop ever-more sophisticated tactics to steal your data, it’s now more important than ever to create secure passwords.
There are methods which can be used to find out if your login credentials have ever become compromised, such as Dark Web Monitoring. Find out more about that here.
It’s easy to fall into bad habits when creating new passwords but with a good password manager, you’ll uncover tools and tricks to help secure all your accounts and move forward with robust passwords, giving you the best defence possible against unwanted hacks.
Of course, in your business, strong passwords should be just one part of your cyber security policy. Attacks can come from other angles, so it’s important to put a security strategy in place to protect your business.
You can read more about cyber security strategies for business here.
We hope you’ve found this article useful! If you’d like to find out more about using a password manager get in touch with us by clicking here to book your free consultation call.
Alternatively, you can download your free IT Security Policy Guide here, to find out 21 things to consider when creating your Business Security Policy.