Password Management Solutions … Safe, Secure, and Simple to Use

With the cybersecurity incident first revealed by LastPass last August and updated a few weeks ago on December 22nd, questions have arisen on whether password management solutions are secure and whether they should be deployed in a business setting (and on an individual level).  

In this article we will look at what password managers do, how they work, and why they are recommended for organizations and individuals. 

What are password managers and how do they work? 

Password managers are applications that store and manage online credentials. They can also generate passwords for online and offline use. Unlike other password storage methods, password managers can sync login information across devices, so the same password manager can be utilized on multiple devices people may use. 

In addition, some password managers allow users to securely share login information for a selected service. This can be useful for shared business resources.  

A valuable feature of password managers is the ability to generate and save strong passwords each time a new account for an online service is created. This feature guarantees that users create unique, secure passwords which significantly increases the security of online accounts and the information stored in those accounts.  

Password managers typically store passwords within encrypted databases behind a master password. A single, strong password or passphrase is created that secures all other passwords.  

Why should organizations use a password manager? 

One study found that the average person has 70 to 80 passwords connected to business and personal accounts. This makes creating unique and complex passwords, remembering them, and managing them a challenge. This leads to passwords being written down and misplaced. It leads to passwords being forgotten and needing to be reset.  It leads to the creation of weak passwords. It leads to the reuse of passwords across business and personal accounts which provides threat actors multiple opportunities to wreak havoc. All of which results in increased security risks for organizations, their employees, and their clients. 

Given the above, the main benefits of using a password manager can be summarized as follows: 

Avoids the creation of weak passwords and passwords reuse 

Weak passwords can be cracked by savvy cybercriminals in minutes leaving organizations and individuals vulnerable. According to a 2021 report, cybercriminals can crack 92% of the top 100 passwords within 60 minutes. In addition, 65% of the top 100 passwords are vulnerable to almost instantaneous cracking. As far as the reuse of passwords, once cybercriminals gain access to a single breached password credential set, they will use automatic tools to check the login combination across a wide swath of the internet, including financial institutions, social media sites and business accounts. 

Help with prevention of phishing attacks 

Many password managers have autofill feature that automatically fill in user credentials on a saved website. This feature can help mitigate phishing attacks, since a phishing site, no matter how good it is, will not be able to match the saved URL within the password manager.  

It should be noted that password managers are not solutions for preventing phishing attacks. They can’t prevent phishing emails that deliver malware. However, they can be a significant component of an organization’s broader cybersecurity strategy. 

Increase efficiency 

Saving passwords in one central location can help save users time by avoiding resetting passwords or repeatedly guessing passwords, which leads to account lockouts and associated downtime. Password managers can also generate strong, unique passwords for each new account. This accelerates the process of creating new accounts by taking the guesswork out of creating new passwords. 

Are password management solutions secure? 

All this takes us back to the question of whether password management solutions are secure. Reputable top-rated password managers are specifically designed to be secure. Most password managers use U.S. government-grade computer encryption to store passwords. This means that if a cybercriminal ever breached a password manager company, which has happened, they would not be able to decipher or use any of the stored passwords.  

However, there is no 100% guarantee as cybercriminals continue to use sophisticated tools and processes to launch their attacks. This is the reason we highly recommend a layered approach to cybersecurity. And remember, cybersecurity is not a destination. It remains a journey of continuous improvement 

To start a conversation about password management solutions or your organization’s cybersecurity journey, contact MicroAge today. 

Get the most from your IT

As service providers to more than 300 companies, the dedicated professionals at MicroAge are second to none when it comes to managed services. By improving efficiency, cutting costs and reducing downtime, we can help you achieve your business goals!

Most commented posts

Google’s Chrome 68 Web Browser Will Flag All HTTP Sites “Not Secure”

In Google's eyes, websites using HTTP are not secure, so it is marking them as such, starting in the Chrome 68 web browser. Find out why Google is taking this stance.

Read More

When It Comes to Diagnostic Data, Windows 10 Is a Chatterbox

By default, Windows 10 sends a large amount of diagnostic data to Microsoft. If you are concerned about the types of data being sent, you might want to take advantage of the Diagnostic Data Viewer. Learn how to use this tool and what you can do if you do not like what you see.

Read More

Find Out What Data Microsoft Is Saving about You

If you use Windows 10 and have a Microsoft account, you can easily see the types of data that Microsoft has stored about you. Learn where you can find this data and how to delete it.

Read More

Why Using Gmail’s Confidential Mode Is Not a Good Idea for Businesses

As part of Gmail's redesign in 2018, Google introduced the Confidential Mode to protect sensitive information sent by email. Learn how it works and why you should avoid using it in your business.

Read More

What You Need to Know about Google Tracking Your Location

Google is tracking the whereabouts of billions of its customers, even when they tell the tech giant not to. Here is what you need to know about this practice, including how to minimize the amount of data being stored about you.

Read More