The first thing that comes to mind when talking about passwords is pain. They’re a pain to remember, a pain to recover when forgotten, a pain when they get stolen and it’s a pain when a website forces you to create super secure passwords without the name of your favorite pet. While passwords are necessary, they aren’t user friendly so most people end up creating a password that is easy to remember and then use that password for everything. Both of these practices are huge security risks but don’t worry, there is a manageable solution.
Easy to remember passwords are also easily guessed, if not by humans then by bots. Hackers have honed bots to try out common passwords and use dictionary words, and better computers means that they can try more passwords very quickly. But the most secure passwords, long random combinations of letters, numbers and symbols are impossible to remember.
"In 2017, 80% of breaches were due to weak, default or stolen passwords" - Centrify
You would expect a website you enter a password into to keep your information secure, but this isn’t always the case. Even banks get hacked sometimes, and your password may be among the stolen data. If your password gets stolen from one site, what else could that person access? Your email? Your bank accounts? Most hacks I’ve seen happen to people and businesses resulted from a hacker gaining a password from an obscure website, and that password gave them access to the user’s email account. Once in your email account, they can reset the password for other accounts, manipulate your communications, or potentially just monitor your account looking for sensitive information.
Those are some nasty issues, but there is a solution that I would recommend for both businesses and personal use: a password manager. Password managers are applications that store all of your passwords and can be opened with a ‘master password’. So you only need to remember one, secure password and the application remembers the rest of them. This lets you use incredibly randomized, secure passwords unique to every login.
There are a bunch of password managers out there that tout different features and abilities, but the one feature you absolutely must have in any password manager is encryption. This means your data is hidden and obscured from prying eyes while it's syncing or stored. Our developer, Levi prefers the free price tag on Keepass even though it requires a little more management and set up on his part. For me and my immediate family, we keep our passwords in 1Password vaults so we can share a wifi or netflix password with one another. Our business however uses an entirely different password manager that stores hundreds of passwords that we can tag, sort and search through as needed.
Some password managers will work directly in your browser, and for others you may need to copy passwords from the app. Password managers can also often be used to store credit card numbers for all your online shopping convenience or other personal data like social security number, licence plates or secure notes. One of the best features of most password managers is the ability to sync across devices, making your passwords not only secure but readily available wherever you are.
Some other popular password managers include SafeInCloud, LastPass and RememBear all of which are well known. Unfortunately, passwords are just one piece of a larger security puzzle but even taking the step of moving to a password manager is a major step forward for you or your business’ security in today’s digital age. Want to know more about how to integrate a password manager into your office? Start a conversation and let us help!