How do you keep track of all your passwords? Today people use many different options, from sticky notes to Excel spreadsheets to OneNote lists, but not only are these inconvenient, they are extremely insecure! Let’s take a quick look at why this is, and then focus on some options for securing your personal or business-related passwords.
The Very Real Risks of Insecure Passwords
In any aspect of cybersecurity, you’re only as strong as your weakest link, and insecure password management is a very easy weakest link to have. For example, if you reuse passwords frequently, a hacker only needs to crack that password one time to access all of your accounts. But if you are using a different password for every account, chances are you use easy (re: hackable) passwords, or you write them all down. However, sticky notes can be found by anyone, files on your computer can be decrypted, and your actual computer could be stolen too, leaving a thief with the keys to the castle. It’s also important to note that storing passwords on paper or easily readable files is not compliant with any industry cybersecurity policy!
Best Practices for Personal Passwords
You may not think it’s a big deal if your Gmail password is stolen because a hacker will “only” see your Amazon orders or your lunch plans. But remember: Email is used by virtually every website and app to reset a password, so a hacker with access to your email has free reign over all your other accounts!
What can you do to counter this? Use a password manager like RoboForm, LastPass, or Keeper! Many are free, and they only require one password to access, so you don’t have to remember or keep track of dozens of others. They’re also great for accounts you might share with a partner or friend since no one needs to communicate a new password; just reset it, and it will be updated for anyone using the app.
Best Practices for Corporate Passwords
Within an organization, consistency is key, and what better way to be consistent in password management than — you guessed it — using the same password manager throughout the company? Providers like Pleasant Password Server and KeePass are great for organizations. With only one password to set and remember, that password can be much more complex and secure. Password managers also save your people time and frustration as they log into the system, then just right-click to log into the apps they use every day.
It’s also important to integrate your corporate password solution with Active Directory wherever possible, further reducing complexity while securing it even more — only someone with an AD login can access the password manager! A password manager is also good for shared accounts in the corporate space, like shipping websites or IT systems.
Password management doesn’t have to be complicated — just get an app today! There is no need for hours of research and analysis if you have nothing today; simply choose and implement a solution, and make improvements later as needed. Most importantly, don’t let password management be your weakest security link when there are so many easy options to fix it today!