I’m sure you have heard of password managers but do you actually use them? In today’s world, it is a must to keep you and your companies data safe. Recently there were stories that a password manager called LastPass had seen some of its customers’ master passwords compromised. The company denies that happened. And it’s possible that some of the people who reported being affected had old accounts with master passwords they’d used with other services.
Do you use a password manager in your business? We recommend it. Because we strongly believe the upsides of a password manager far outweigh any potential downsides.
What a password manager is and how it works
The average person has hundreds of online services they use now or have used in the past. If you’re a business owner or manager, you may have many more.
To log in to each of these, you need your email address and a password. These details – along with something called multi-factor authentication, where you enter a code from another device to prove it’s really you – are the main weapons stopping cyber criminals from accessing your accounts.
Hackers find it easy to get email addresses of course, and have become very sophisticated at guessing passwords. They use automated attack software.
For example, they might try a common word attack, where they try thousands of everyday words as the password. It’s why using your pet’s name, child’s name or favorite sports team is not a good idea.
They may also try a brute force attack, where they try millions of combinations of characters.
The easiest way for a hacker to get in is to discover a password you use on one service and try it on all your other services. If you reuse passwords, it only takes one service to have a breach and all of your services are at risk.
What can you do?
This is why best practice password advice is very simple but powerful:
- Always use long randomly generated passwords, or password sentences (such as “rope-fruit-parking-apple-swing-enormous”)
- Never write down passwords or record them anywhere unencrypted
- Never use a password for more than one service
Best practice is one thing. The reality is it’s impossible for most people to remember a) what their passwords are, and b) which password is for which service.
Constantly resetting passwords because you can’t remember them is just annoying.
So, people cheat. It’s human nature to do this because we’re all looking for tiny ways to make our lives easier.
Some of your team will use weak passwords. Or use the same password across several services. Or use a strong password, but leave it on display on a sticky note on their monitor. You think this wouldn’t happen in 2022… but we’ve seen it too many times.
This is where a password manager comes in. The password manager takes away all of the stress and difficulty for you and your team. You integrate it with your computers and mobile phones. This is routine these days. Password managers work with Windows, Macs, and all iOS and Android mobiles and tablets.
When you need a new password, it will randomly generate one for you. A very long password, that’s difficult for the human eye to read (ideally at least 16 characters). And it will throw in some special characters too, such as $, & and #. Then it will remember that password. And best of all, when you come to login to a service… it will automatically fill in that password for you.
Yes. You can log in without ever having to actually type anything yourself. Safety and speed in one piece of software.
What are the potential downsides?
They’re all related, of course, to having all of your passwords in one place. In theory, cyber criminals only need to break your master password and they can get into anything.
Of course, there are protections, and we always recommend you use them. Using a very strong master password is key. Also, make sure the multi-factor authentication we mentioned earlier is always switched on.
Using a password manager is safer than not using one. This is why we recommend them to our clients as well as the general public. Password managers make good password practice easy for busy people.
If you want our recommendation of which password manager we use and suggest, please contact us we are always happy to help.
Published with permission from Your Tech Updates.