Don’t worry about the potential downsides of a password manager. The upsides are far greater
Last week there were stories that a password manager called LastPass had seen some of its customers’ master passwords compromised.
The company denies that happened. And it could be possible that some of the people who reported being affected had old accounts with master passwords they’d used with other services.
Do you use a password manager in your business?
We recommend it. Because we firmly believe the upsides of a password manager far outweigh any potential downsides.
Let’s explain what a password manager is and how it works.
The average person has hundreds of online services they use now or have used in the past. You may have many more if you’re a business owner or manager.
To log in to each of these, you need your email address and a password. Along with multi-factor authentication, where you enter a code from another device to prove it’s you – are the primary weapons stopping cybercriminals from accessing your accounts.
Hackers find it easy to get email addresses and have become very sophisticated at guessing passwords. They use automated attack software.
For example, they might try a common word attack, where they try thousands of everyday words as the password. It’s why using your pet’s name, child’s name, or favorite sports team is not a good idea.
They may also try a brute force attack, where they try millions of combinations of characters.
The easiest way for a hacker to get in is to discover a password you use on one service and try it on all your other services. If you reuse passwords, it only takes one service to have a breach, and all of your services are at risk.
This is why best practice password advice is straightforward but powerful:
- Always use long, randomly generated passwords, or password sentences (such as “rope-fruit-parking-apple-swing-enormous”)
- Never write down passwords or record them anywhere unencrypted
- Never use a password for more than one service
The best practice is one thing. But, unfortunately, most people can’t remember a) what their passwords are and b) which password is for which service.
Constantly resetting passwords because you can’t remember them is just annoying.
So, people cheat. It’s human nature to do this because we’re all looking for tiny ways to make our lives easier.
Some of your team will use weak passwords. Or use the same password across several services. Or – horror – use a strong password, but leave it on display on a sticky note on their monitor.
You think this wouldn’t happen in 2022, but we’ve seen it.
This is where a password manager comes in. The password manager removes all of the stress and difficulty for you and your team.
You integrate it with your computers and mobile phones. Password managers work with Windows, Macs, and all iOS and Android mobiles and tablets.
When you need a new password, it will randomly generate one. A very long password that’s difficult for the human eye to read (ideally at least 16 characters). And it will throw in some special characters, such as $, & and #.
Then it will remember that password. And best of all, when you come to log in to a service, it will automatically fill in that password for you.
Yes. You can log in without ever having to type anything yourself—safety and speed in one piece of software.
What are the potential downsides?
Of course, they’re all related to having all of your passwords in one place. In theory, cybercriminals only need to break your master password, and they can get into anything.
Of course, there are protections, and we always recommend you use them. For example, using a solid master password is vital (you only have to remember that one password). And making sure the multi-factor authentication we mentioned earlier is always on.
It’s also sensible to use extra protection where available such as Face ID.
Can you 100% eliminate the risks of using a password manager? Of course not.
But is using a password manager safer than not? Yes, we believe so, which is why we recommend them and supply them to our clients.
Password managers make good password practice easy for busy people.
If you want our recommendation of which password manager we use and suggest, please contact us.
Published with permission from Your Tech Updates.