blog

Why your business should be using a password manager

Aura_password_manager

Nowadays we all have hundreds of online accounts to manage, all requiring unique passwords.

Remembering complex combinations, and changing passwords often enough is difficult to do, and let’s face it, sometimes it’s much easier to do a ‘forgot password’ and reset it.

But lax security on the part of your employees means that passwords could be easy to crack or fall into the wrong hands. This is where password managers come in – the answer to your cyber security concerns.

What are password managers?

Password managers do exactly what they say, they manage passwords for users by storing them all in a fully encrypted, secure password vault.

They usually require a master password in order to access the vault, as well as two-factor authentication for added security. The best password manager will not only save you the hassle of remembering lots of different passwords, it can also generate strong passwords that are impossible to guess.

Now you may be thinking that your internet browser has its very own password manager, so why not use this instead? Browser password managers are limited because this is not their main functionality. They are designed to give a good browsing experience on the internet, not to safely store passwords. Most don’t even have the functionality to create strong passwords for you.

The best way to understand how a password manager works is your data is encrypted, and you hold the authentication keys – not the service provider. No credible password manager service will ever record your master password or keep a copy of the encryption keys used to decrypt your vault. In other words, the application has “zero knowledge” of the encrypted passwords.

If the password managers servers were compromised along with the encryption keys, your data couldn’t be accessed remotely and without your knowledge.

Sound good? Here’s why else you should use them…

Employees use simple passwords

Most of us are guilty of having a few simplified passwords that we use time again for all of our accounts, both personal and for business purposes. They are easy to remember and that means easy to guess, which is a dangerous habit if your employees are doing this.

A strong password is considered to be at least 12 characters long and containing a combination of numbers and symbols, and a combination of capitalised and lowercase letters. Luckily, password managers auto generate secure passwords for each individual account and store them securely in the manager.

Password retrieval is time consuming

If you asked your IT provider what are one of the most common support tickets, they will probably say password retrieval. For those employees who try to commit their passwords to memory, they will often forget, especially with frequent changes.

This retrieval process takes up a huge chunk of time for IT and is not a cost-effective task for the company as a whole. Password managers allow your IT provider to monitor and audit passwords from afar.

Quick access

As we mentioned above, password mangers allow people to type in a ‘master password’ which gives them access to all their saved logins.

In short, your team will spend less time fumbling with login screens and password recovery and spend more time doing what matters.

Manage shared accounts

For many businesses, managing who has access to which accounts can be a nightmare especially if multiple people need access to a single account.

A password manager will allow you to efficiently manage and change the password as necessary. Some apps even have features that enable one person to control the password to an account, and then provide access to other users without sharing the actual password.

Improved security

Password managers can generate random passwords for each of your accounts and random passwords will always be far stronger than those you come up with off the top of your head.

They can also protect against phishing attacks – one of the most common and effective ways login credentials are stolen. These emails appear to come from legitimate emails, but they send employees to fake login screens that will capture their passwords. Password managers thankfully are not prone to these attacks, as it won’t input a password if the domain name isn’t completely correct.

A password manager like LastPass will make it easy to stay in control of your security. It will generate secure passwords using the latest best practices, so you don’t have to keep up with new recommendations.

Plus, a desktop version that links directly to a mobile app makes it simple and easy for your employees to keep working while staying protected.

Many password managers can be secured with multi-factor authentication, or two-factor authentication. This allows you to combine a password with a second access code or password – an extra layer of security.

Passwords may seem limited in their protection, but secure, frequently updated passwords are still an effective way to keep your data safe. Password managers are the ideal way to generate robust passwords that guard you and your business against a cyber security breach.

For more information and recommendations for your business on password security, get in touch with our team at info@auratechnology.com.