There’s no doubting that passwords are important but keeping track of them without re-using them is pretty much impossible without a little help. This is where a password manager comes in to play, now it won’t take a rocket scientist to tell you what a password manager does, but there’s usually a little more than the name alone suggests.
Why would I want one?
Before we get into that, lets look at why a password manager is important and why you’d actually want one. These days we login to everything; from your Tesco account to your bank account and all the way through to your social media sites. According to one NordPass study, the average person has 100 passwords to remember, that’s a lot! So, what do people do? They re-use the password they’ve been using for 10 years because it’s easy, they can remember it and it just works.
That password you signed up to Facebook with in 2007 ‘ilovedogs’ does the job right, it’s only Facebook, who cares if someone gets in. But, as the years go on, you’ve signed up to more and more services using the same password, including your email, online banking – you name it, you’re loving dogs all over the place. Then one of your beloved services, it turns out, aren’t storing the password too securely and the password gets leaked, or you’re a victim of a brute force attack where criminals will just try all different combinations of commonly used passwords/words to get in – and once they’re into your Facebook, they’ll try all other services they can with your email address and that same password.
Now you might say, it’s fine, I’ve got two-factor authentication on my bank, Facebook etc – and that’s great, you need to cover all the bases. BUT if they have access to your emails, and that service allows you to use email as your two-factor authentication method, boom – they’ve bypassed your two-factor by having access to your emails and we’re still in a sticky situation.
A Password Manager you say?
This is where a password manager comes in to play. Now here at Coffee Cup Solutions, we like Keeper, we include it in our Assurance IT support package as default. A good password manager will securely save all the passwords you use, but it should also do it in a convenient easy to use way. Generally, they’ll have plugins for your web browser (Chrome, Firefox, Safari etc) as well as a standalone app for your PC/Mac/Mobile Phone/Tablet and when you go to sign up for a new service it will automatically offer to create the password for you, it’ll use a long, random list of text and special characters and input them automatically for you, for that site. So that once you’ve registered and next time you go to the website it’ll take over and fill out your username/password without you seeing them. How can you give your password away if you don’t even know it yourself!
By letting the password manager take over, each website/service will have its own unique password stored safely, so that if that service gets compromised – it’s only that service, not everywhere you’ve used that password over the last however many years!
Let’s look at an example on ‘howsecureismypassword’ a website that take a generalised view on how long it would take to crack a password.
First up, ‘ilovedogs’
Not much of a battle is it! Now let’s take a look at a password generated by Keeper password manager for this blog post:
Now, that’s quite a bit longer than 2 minutes!
One of the other great things about password managers is the ability to share passwords with other people in a secure way. You can share a password that will only ever show the person receiving it once, or for 24 hours for example. That way if you’ve emailed them the password and someone manages to get access to their emails down the line, that password is no longer visible.
You can setup teams of people from your staff with access to shared passwords – no more leaving a post-it note on the desk with Marys password when she goes on holiday.
One of your team decided to move on to a new company. You’ve got the ability to remove access to all company passwords in one go.
Want to know more?
We’re passionate about security here at Coffee Cup Solutions, talk to our friendly team by either calling 0118 38 42 175 or emailing [email protected] and we can help keep you and your team secure.