Why Should I Use a Password Manager?

No one likes coming up with, or trying to remember, dozens of passwords—who can remember them all? To get around doing that, people often just reuse the same passwords, just to make life easier. As you probably are aware, that’s a recipe for disaster when it comes to securing your business’s data.

The solution to password fatigue and getting better data security at the same time can be as simple as using a Password Manager.

How Does a Password Manager Work?

A password manager is a database that stores a user’s credentials along with the sites they correspond to. Most of these programs also show how “strong” a password is, can generate passwords for you, and can even auto-fill them for you so that you can log in without having to type in anything. The latter capability means your employees don’t need to remember the passwords for those sites.

Instead, they just need to remember a single password—the one for the password manager. Obviously, one password is much easier for users to deal with! Switching to a password manager is a common best practice recommendation made by managed IT services providers as a way to improve password strength and account security.

 Why Not Use Other Methods?

Well, let’s look at what users typically do on their own:

• Reuse the same password for everything, or use something too simple. The problem with the first approach is obvious, and using something too simple means that a hacker could guess it with no trouble. Sadly, many people still use things like “password123.”
• Use insecure storage methods. If they do use different passwords, they might write them down or store them in plain text in a document or spreadsheet on their computer and/or mobile devices. If a hacker gains access to their devices, they will have access to all their passwords too.
• Use insecure ways to share passwords. If employees are sharing accounts, this can result in them sharing the passwords for those accounts as well. They might do this by sending out the password via email or text, and either one could be intercepted by bad actors.
• Use their browser’s built-in password manager. These are designed to make logging in easier, but aren’t quite as secure and sophisticated as standalone password managers. Plus, they’re not cross-platform, meaning that if an employee needs to log in to a business app outside of the browser, the browser password manager won’t be able to help them.

Added Benefits of Password Managers

A third-party or standalone password manager offers several benefits that your business will love.

• First, some allow your IT administrators to view password health to determine if employees are generating strong enough passwords on their own. Some enterprise password managers allow IT admins to set up password requirements. If the user’s password doesn’t meet the requirements, they can either try to create another one themselves, or there’s an option to let the manager auto-generate a password. The password manager then creates a password that meets or exceeds all the requirements.
• This leads to the next benefit. Employees who can’t come up with “yet another unique password” can just let the password manager do it. The password manager can generate a highly secure, long password filled with lower and upper-case letters, numbers, and symbols.
• It enables employees to automatically log in to sites and services once they log in to the password manager. This makes logging in faster.
• They are cross-platform. This means that the operating system, browser, and app don’t matter, making them easy to use across a team. If employees need to share a password, they simply share the password within the password manager with a specific user.
• Password managers use strong encryption to prevent unauthorized access. The provider of the manager can’t access the passwords at all. This is why it’s so important to remember the master password.

Reinforce It with 2FA or MFA

Using a password manager is not enough, though; reinforcing it with 2-Factor Authentication (2FA) is an essential best practice strategy. 2FA provides the crucial extra obstacle that a hacker has to figure out in the off-chance they crack your strong password manager password. Also, remember that your 2FA method should be based on an Authenticator App, NOT SMS text messages.

• For more information on 2FA, check out this article: [add URL]
• For more information on using an Authenticator App vs. SMS for 2FA, please see: [add URL].

Need Help?

Password managers offer a convenient and simple way to lock down account access, and for putting up a far more complex obstacle for hackers to get through.

At GSDSolutions IT Services, we can help you set up a password manager and two factor authentication as part of our standard package of IT support services. We provide managed IT services in San Francisco and throughout the Bay Area to help your business work more smoothly, efficiently, and securely, using the latest technology available.

Give us a call at (650) 282-7695, or drop us an email at getstuffdone@gsdsolutions.io to learn more about our services and how we can help you keep your business data secure.