How do you manage business passwords?
Workstation login. Cloud login. Email login. A hundred different application logins. Modern business requires a lot of passwords! It can be daunting to keep up and easy to start taking shortcuts with your security.
It doesn’t have to be that way. There are ways to manage your business passwords easily. Here’s how to get started.
Use a password manager
If you haven’t used a password manager before, it’s time to start.
When you have several logins to manage, a password manager makes it easy. Think of it like a locking file cabinet full of files with all the logins you use. You use one password (the “file cabinet key”) to unlock everything and keep it safe in one place.
That means that instead of remembering many passwords, you only need to remember one.
We recommend LastPass, but there are plenty of options on the market, including Zoho Vault, Bitwarden, Keeper, NordPass, 1Password, and DashLane. All of these have the core functionality of storing all your passwords securely in one place. Some also have other features, like password sharing and integration with other business software.
Best practices
Whether you use a password manager or not, you need secure passwords and strong security policies.
The latest guidance on passwords indicates that a passphrase is the most secure password type. For example, your Amazon password might be “I need to go to the store.” That phrase connects to Amazon in your mind, making it easier to remember.
Some passwords require numbers and symbols; in that case, you might have separate passphrases and a standard string you add at the end, like “@_88” or something similar.
Of course, if you’re using a password manager, you could also use a password generator to create a random string.
Password maintenance matters just as much as password creation. Your organization needs a solid central policy that must be enforced. That’s where tools like Active Directory come in—you can specify length, content, and the frequency of password changes.
Worst practices
Keeping a spreadsheet on your desktop or a cloud drive where you put all your logins is not secure. Password managers store the login information securely, using processes like salting and hashing to make the information more difficult to reverse engineer. Plain text offers no advantages, even if stored on a password-protected drive.
Sticky notes or papers at the desk are just as bad, if not worse. All it takes is one person walking into the office and snapping a picture with a phone, and your whole organization might be compromised.
Use password managers with strong passwords and consistent security policies to safeguard your organization. Need a hand figuring out how that works? We can help. Contact TeamLogic IT today.