Our series on passwords and user security is coming to a close. Our last post gave you insight into tips for creation and use of good passwords in your business operation. Now, you must think about how to keep track of all those great passwords. Password managers could be the answer.

 

Once upon a time, during the early years of the Internet, you may have had a handful of passwords for a few essential web applications that you used to shop, study, stay connected, and get work done. Today, things are much more complicated. A 2017 report from LastPass found that people, on average, had to remember 191 different passwords—just for work. That does not even include their personal passwords! Fortunately, you don’t have to remember all those passwords. A password manager can remember them for you.

 

Malwarebytes Labs defines a password manager as “a software application designed to store and manage online credentials. It also generates passwords. Usually, these passwords are stored in an encrypted database and locked behind a master password.”

 

Many of us avoid using different passwords for different accounts because it is so difficult to remember them all. We know that writing them down somewhere is not safe. Just like the bank stores and protects your money, password managers store and protect your passwords. All passwords are kept in an encrypted vault. The vault can only be opened with a master password. The master password should be your longest, most unique, and most complicated password. Password managers offer many services to help you with passwords.

 

Types

 

Local

 

Desktop Based password managers store your passwords locally on your particular device. It could be on your phone, your laptop, your tablet, or any other type of device, The passwords are in an encrypted vault, but you cannot access them from any other device. If you use multiple devices, you must set up a different password manager for each one. If you lose your device or it is stolen, you have lost your passwords. At least if you have a local password manager someone who finds or steals your device will not be able to access your passwords, but without your device, you won’t have access either.

 

Cloud

 

Cloud Based managers store passwords on the service provider’s network. The provider guarantees a secure network and encrypts your passwords in a vault.  The difference is you can access your password from any device with internet access. If you have your master password, you can get access to your other passwords.

 

 

SSO

 

Single Sign-On (SSO) password managers take a different approach. Instead of storing unique passwords for every application you use, it allows you to use one password for everything. The SSO is like a gateway. When you try to log on to one of your accounts, the SSO manager acts as a go-between, allowing you to access your information. Businesses appreciate an SSO because it will save the IT department time in resetting and helping with forgotten passwords.

 

Benefits of Using Password Managers

 

Memory

 

Of course, the most obvious benefit is that you do not have to remember all your passwords. In a cloud-based manager, you can access the passwords from anywhere.

 

Creation

 

Password managers can help create passwords for you. They will auto generate random and highly secure passwords.

 

Identity Protection

 

Using a password manager to remember different passwords for each of your accounts and to create high strength passwords, you are protecting your identity and data from cybercriminals.

 

Time

 

Password managers can auto-fill your username and password into the sites you have linked to them. This saves you time and gives you faster access to your accounts. Some managers also store and will auto-fill your full name, address, phone number, and even credit card information. These all save a lot of time when doing online business.

 

Versatile

 

Most password managers are very versatile. You can access the same password manager on Windows, Mac, Chrome, Firefox, Edge, Safari, Android, or iOS. It does not matter where you are or what type of device you are on, your passwords are always accessible.

 

Phishing Alerts

 

Phishing emails generally contain links to websites that are designed to look like a site of a business or organization you generally do business with. Instead, the site collects your login credentials. A good password manager will recognize that the spoofed site is not actually connected to any website you normally do business with, will not auto-fill your username and password. This should be a red flag to catch your attention.

 

Encryption

 

Password managers can be hacked, it’s not impossible, but overall, they have a great track record. Even if there is a breach, password managers use military grade encryption that protects your passwords. If a hacker gets access to the passwords, they only get the encrypted code and not the actual password. In 2015 LastPass suffered a breach, and the hackers were able to access user emails, but were unable to steal any passwords.

 

Considerations

 

When you decide to use a password manager, it is important to be sure you choose a reliable one. Your passwords will only be as safe as the company you are storing them with. The company that manages your passwords should NOT have access to see your individual stored passwords. They should also NOT store your master password. They should have safeguards in place to protect the data on their site from outside hackers. Finally, be cautious of free password managers. Many times, you get what you pay for. If the password manager is free, it may be less secure. In addition, they often have upcharges to get the best features. These factors will help protect you from subscribing to a password manager that ends up harming your security rather than helping you!

 

A password manager can be a great tool for convenience and safety! Let Catapult Tech Solutions help you find one that is best for you and your company or organization!

 

Are you on Facebook? We are, too. Let’s be friends!