SECURITY CHECK-IT: STEP 10
Why you need a password manager
Passwords are one of the biggest frustrations of technology users. To avoid being hacked, passwords need to be complex and never should they be used twice. But realistically, we all know we often use passwords for multiple accounts. Just think of the dozens of logins for all your online tools and accounts, for private use and for professional use. How can you even remember all complex passwords for every website or app, let alone change it frequently? In this blog we’ll offer more insight on how to secure your passwords.
The risk of one password for multiple accounts
What are the real risks of using one password? Let’s say you have got an account with my local bakery and I order croissants every Sunday. This small business gets hacked and passwords are being auctioned off on the dark web. In most cases this password will not be used to order free bread from the bakery in your name, but hackers will run this password on all major online shopping platforms. If you use the same password for BOL.COM or Amazon or Coolblue, there is a big chance they will go shopping there with your credentials.
In a professional context, the risks of password reuse are even higher for employers. The cybercriminals might use this password to get into the users work account and launch a ransomware or phishing attack against the employer.
How a password manager can help
A password manager will store your passwords in an encrypted form, help you generate secure random passwords, and allow you to easily access your passwords across all the different computers, smartphones, and tablets you use.
By implementing a password manager we solve a number of problems:
- The password manager automatically fills in passwords so a user doesn’t need to remember them.
- The password generator creates ,complex and unique passwords for every website.
- Passwords are rotated automatically, so a breached or leaked password quickly becomes obsolete and doesn’t cause a threat.
Whether online platforms and companies have leaks and breaches, is out of your hands. But you can prevent your passwords from being circulated on the dark web: with a password manager, a breached password cannot be used on another location and is automatically changed by the time it could get auctioned on the dark web.
Password managers in the workplace
Due to the mobile first world we live in today, it’s vital to choose a password manager that stretches across different platforms (Windows, Mac, iOS, Android) and can be incorporated in your everyday life.
In a professional context: enterprise password managers allow a folder structure where different groups of users can access shared passwords (with or without seeing them). This feature prevents users from knowing or being able to change passwords themselves. Your company cannot be locked out of a tool or worse, have an employee leak passwords. The tool keeps logs of all actions taken, so there is always a trace of who accessed what at what time. A very valuable feature in GDPR times!
Do password managers themselves have security risks? No! The password manager’s login itself is protected by your Identity solution such as Azure AD, Okta,… which has MFA enforced and the password manager uses enterprise grade AES256 encryption to protect the generated passwords. In conclusion: a password manager is a key element in a holistic approach to cyber security.
Do you have any questions about using password managers? We will gladly help you! Send an email to email@example.com and we will contact you as soon as possible.
Based on our years of experience, we’ve created a 15-step plan, offering free advice to bring your security to a higher level.
Read all about it.