Whether you are an avid user of technology or not, passwords are something that virtually everyone needs to keep critical and private records and accounts safe. The question is, how do you generate and manage your passwords?
According to a recent study from Digital Guardian, about 63% of password users reuse their passwords at least once, 56% only change passwords when prompted, and 86% of passwords are kept through memory only (which typically necessitates a password that is easy to remember and likely tied to an aspect of the user’s life). Regardless of how you slice and dice the statistics, it is safe to say that most password users could do a better and safer job of generating and managing their passwords.
So, what about password managers? As a happy and regular user of a professional password manager (LastPass), I’m a little biased but what about those of you who are considering the use of a password management tool? How should you gauge safety, ease of use, and the selection process?
Luckily, I have help in answering some of those questions. Paige Yeater is the Director of Information Security Program Management for Mainstay Technologies and has joined up with me to answer some important questions about password management.
Question: Are password managers safe to use?
Answer: The short answer is YES and here are a couple of reasons why. The first is multi-layer security. What this translates to is strong user authentication, including Multi-Factor Authentication, access limitations, data segmentation, and complete encryption of all your data. This means that it is nearly impossible to access all your passwords without your master password which decrypts your data. Secondly, it’s important to remember that these tools only have one function – to keep your passwords safe. All focus is on safety and security.
Question: What are the benefits of using a password manager?
Answer: First, it’s important to remember that password managers can be used by individuals or across entire organizations.
As a personal user, you have many benefits available. Your password manager can create long and complex passwords for you which ensures they are difficult to hack and are not reused (don’t worry, the password manager will remember these for you). Most password managers also allow for cross-device sharing so your passwords will follow you from your phone to your tablet to your desktop or laptop.
If you have multiple family members you can share vaults so access to important family accounts is never an issue. This can also help you in the event a family member becomes ill or passes away. Finally, most password managers can also serve as your secure online vault where credit cards and personal information can be saved.
As a business, there are also many aspects of password managers that are attractive (in addition to all the benefits of personal use). You’ll have the ability to track passwords that may be shared within the organization. Also, your overall company security will be dramatically increased because all employees will be using safer, more secure passwords. Password requirements, such as the number of letters, numbers, and symbols can be established and all passwords are stored in a safe, encrypted place (not in excel spreadsheets, sticky notes, etc.).
Finally, you will experience increased efficiency. If all secure passwords are ready to go and able to auto-fill, and staff members’ accounts are hacked far less, workflow is bound to increase as is productivity.
Question: Are password managers difficult to use?
Answer: Not at all. There will inevitably be a small learning curve, which is true when learning any new technology, but once you create a couple of new accounts and passwords, you’ll find it’s super-easy and will become part of your everyday workflow.
Question: You’ve said that password managers are safe but how can I trust all of this important stuff being in one place?
Answer: The reality is that most people keep their passwords in one place, even if they don’t use a password manager (an excel sheet, notes on their phone, a word document somewhere…), So having them all in one place isn’t new, but with a password manager the level of security surrounding the stored data is far and away more comprehensive than any of those other options.
Question: Do most password managers have browser plugins? If so, does this make them less safe?
Answer: Some do, and some don’t. Typically, these browser plug-ins will act as a bridge between your system and the password manager and don’t introduce much additional risk, however, add a significant amount of value and increase the ease of use of the password manager.
Question: Are there specific password managers that you’d recommend? Are there different recommendations for personal or organizational use?
Answer: I personally have used 1Password for personal use and BitWarden for professional use. I wouldn’t recommend one over the other, and there are plenty of good ones out there I haven’t tried but it’s important to know what you need and how you plan to use it, which will help guide you in your search. Consider things like:
- How many devices will you need to access passwords on?
- How many users are going to be on the plan?
- What operating systems are you using?
- What is the cost structure?
- Customer Service – online-only, vs call-in option – what do they offer and how to you prefer to get support when needed?
- If you are a business, some password managers will allow you to have a corporate account, and also include a free personal account for each staff member, which is a nice perk for your team and helps keep them secure in their personal life as well as at work!
It’s “safe” to say that password managers can add a great deal of security and value. I’ve enjoyed the security and user experience of my password manager for the past 2 years and couldn’t see a better way of keeping my digital real estate safe. Thanks to our guest Paige Yeater for some tremendous insight.
About Alexander Technology Group
Alexander Technology Group is the leading provider of technology staffing and recruiting services across Greater Boston and New Hampshire. Since 2007, Alexander Technology Group has provided qualified technology professionals, on a temporary and direct-hire basis, to thousands of organizations throughout the local market.
Learn more and search jobs at https://alexandertg.com