Death Taxes and Passwords.
They say only two things are guaranteed: Death and taxes. I think it’s time the list was amended to include one more: passwords. Passwords are the necessary evil that plagues even the savviest of technology users. However, try as they may, 75% of people claim to have frustration with forgetting passwords but only 15% use a password manager that would solve that very frustration.
“When targeting companies, typically small businesses, the criminals access victim networks via … weak passwords. 80% of breaches are due to stolen credentials.”
Verizon DBIR Report 2022
What is a Password Manager?
If you are good at context clues, a password manager – you guessed it – manages your passwords. Many password managers on the market today have raised the bar even more than simply being a secure place to store your passwords. They are now called password managers and no longer password vaults.
What are the Benefits of a password manager?
There are numerous benefits to using a password manager to help manage the passwords you use every day. As you will surmise from the list below, each benefit complements the others.
A password manager allows you to access all your passwords with a single master password, so you don’t have to remember a different password for each account. No more forgotten passwords or password resets!
A password manager can generate strong, unique passwords for all your online accounts, which helps protect against hacking and identity theft. Also, with the password manager handling all your passwords, you no longer have to write them down or store them in an unsafe manner.
Many password managers are compatible with various devices and browsers, making it easy to access your passwords from any device.
Some password managers offer additional features such as two-factor authentication, password sharing, and secure notes, which can further enhance the security and convenience of your online accounts.
How to pick the right password Manager.
Picking the right password manager will come right down to identifying the features you need. Here are some features to consider when determining which password manager to choose.
Scope of use
There are lots of different password managers on the market. Some are best for individuals, while others are best for small businesses or enterprises. Understanding your particular scope of usage is going to ultimately drive you in the direction of specific products.
All the password managers on the market will boast strong security. But it is important to understand your requirements. For example, if you need to comply with any special compliance frameworks like HIPAA, ISO, or CMMC, you should consult with a compliance specialist to ensure the products meets the required standards. The provider should also have a good and established track record for security.
Ease of use and compatibility
A password manager should be easy to use and have a user-friendly interface. This will make it easier for you to manage and access your passwords when needed. Also, ensure your password manager is compatible with your devices and web browsers. Not all password managers will be easy to use or support using a mobile app and mobile web browser.
Consider the various features offered by different password managers. Some common features include auto-filling passwords, automatically generating strong passwords, giving you a score on the security of your passwords, alerting you of reused passwords, storing secure notes, and even bank and credit card information.
Of the list above, auto-fill is one of the most important features. It, of course, is extremely convenient. But, it is also more secure as you do not have to view the password or copy and paste, which keeps shoulder surfers at bay from peeking at your passwords.
You may think, “you get what you pay for” in the password manager world, and you are right. However, even a free password manager is better than no password manager. Be sure to compare the pricing of various password managers and find one that fits your company’s budget. Some password managers offer a free version with limited features, while others require a subscription or minimum seats.
In-depth reviews of password managers
For a more in-depth review of the major password managers on the market with pros, cons, and improvement areas, we have to give a shout-out to Devolutions on their extensive coverage here. Also, to TechRepublic, whose review is available here.
Browser password management.
Some browsers will also automatically save your passwords, which can be great. If a password manager isn’t in your budget, browsers like Chrome, Edge, Safari, and Firefox can perform many of the functions of password managers for free. And, they are already installed since you use them for browsing the internet.
However, browsers can be tricky to manage for some people since a browser is just somewhat of a utility for browsing the web. For example, people can forget about the stored passwords when moving to a new computer and lose those passwords. The good news is if set up properly, some browsers can sync your passwords between devices. Although sometimes mobile phone browsers seem more difficult to set up and are most often forgotten about.
Many people also have multiple browsers on their computers, and it becomes difficult to remember which browser stores which passwords leading to more frustration, confusion, and password resets.
The major benefit of a password manager is that you have a single dedicated place for your passwords, somewhat like a wallet. It’s a more conscious awareness of your passwords, and adding them to your password manager will eventually become a habit. This is good!
Getting the most out of your password manager investment.
If your password manager is used for the entire business, you will want to ensure everyone is using it properly. Most business-level password manager products have an account manager and password strength dashboard. This is great for management to understand who is reusing passwords and who uses weak passwords. However, the additional hurdle is getting people to care about secure passwords.
Research has shown that when security initiatives are gamified, people’s retention of information and involvement increase. Don’t be afraid to get creative with positive reinforcement. One example was a company that would reward the highest security score at the end of the month with a day off. Another company had a prize wheel and granted ten spins. At the end of the month, a spin was taken away for each reused or weak password.
No matter how you decide to do it, the goal is to provide some level of enjoyment in being secure.
Security is more than just better passwords.
A password manager is an excellent step towards making your business more secure. However, it is just one of many milestones in the journey of securing your business. Please check back with us for more content from this series to see how you can protect your business with minimal time and financial investment. Also, follow us on social media to get more content like this.
How StrataNorth can help.
If you are ready to transform your business’s security landscape and are looking for experts to guide you, StrataNorth has security consultants with decades of experience. We can help you reach security nirvana and give you a roadmap for success. Reach out for a no-cost, no-obligation chat with a security expert today.