Password Management Solutions … Safe, Secure, and Simple to Use

With the cybersecurity incident first revealed by LastPass last August and updated a few weeks ago on December 22nd, questions have arisen on whether password management solutions are secure and whether they should be deployed in a business setting (and on an individual level).  

In this article we will look at what password managers do, how they work, and why they are recommended for organizations and individuals. 

What are password managers and how do they work? 

Password managers are applications that store and manage online credentials. They can also generate passwords for online and offline use. Unlike other password storage methods, password managers can sync login information across devices, so the same password manager can be utilized on multiple devices people may use. 

In addition, some password managers allow users to securely share login information for a selected service. This can be useful for shared business resources.  

A valuable feature of password managers is the ability to generate and save strong passwords each time a new account for an online service is created. This feature guarantees that users create unique, secure passwords which significantly increases the security of online accounts and the information stored in those accounts.  

Password managers typically store passwords within encrypted databases behind a master password. A single, strong password or passphrase is created that secures all other passwords.  

Why should organizations use a password manager? 

One study found that the average person has 70 to 80 passwords connected to business and personal accounts. This makes creating unique and complex passwords, remembering them, and managing them a challenge. This leads to passwords being written down and misplaced. It leads to passwords being forgotten and needing to be reset.  It leads to the creation of weak passwords. It leads to the reuse of passwords across business and personal accounts which provides threat actors multiple opportunities to wreak havoc. All of which results in increased security risks for organizations, their employees, and their clients. 

Given the above, the main benefits of using a password manager can be summarized as follows: 

Avoids the creation of weak passwords and passwords reuse 

Weak passwords can be cracked by savvy cybercriminals in minutes leaving organizations and individuals vulnerable. According to a 2021 report, cybercriminals can crack 92% of the top 100 passwords within 60 minutes. In addition, 65% of the top 100 passwords are vulnerable to almost instantaneous cracking. As far as the reuse of passwords, once cybercriminals gain access to a single breached password credential set, they will use automatic tools to check the login combination across a wide swath of the internet, including financial institutions, social media sites and business accounts. 

Help with prevention of phishing attacks 

Many password managers have autofill feature that automatically fill in user credentials on a saved website. This feature can help mitigate phishing attacks, since a phishing site, no matter how good it is, will not be able to match the saved URL within the password manager.  

It should be noted that password managers are not solutions for preventing phishing attacks. They can’t prevent phishing emails that deliver malware. However, they can be a significant component of an organization’s broader cybersecurity strategy. 

Increase efficiency 

Saving passwords in one central location can help save users time by avoiding resetting passwords or repeatedly guessing passwords, which leads to account lockouts and associated downtime. Password managers can also generate strong, unique passwords for each new account. This accelerates the process of creating new accounts by taking the guesswork out of creating new passwords. 

Are password management solutions secure? 

All this takes us back to the question of whether password management solutions are secure. Reputable top-rated password managers are specifically designed to be secure. Most password managers use U.S. government-grade computer encryption to store passwords. This means that if a cybercriminal ever breached a password manager company, which has happened, they would not be able to decipher or use any of the stored passwords.  

However, there is no 100% guarantee as cybercriminals continue to use sophisticated tools and processes to launch their attacks. This is the reason we highly recommend a layered approach to cybersecurity. And remember, cybersecurity is not a destination. It remains a journey of continuous improvement 

To start a conversation about password management solutions or your organization’s cybersecurity journey, contact MicroAge today. 

Get the most from your IT

As service providers to more than 300 companies, the dedicated professionals at MicroAge are second to none when it comes to managed services. By improving efficiency, cutting costs and reducing downtime, we can help you achieve your business goals!

Most commented posts

cybersecurity banner

3 Reasons To Trust MicroAge With Your Cybersecurity

Cybersecurity has always been a concern for businesses, but the threats we all face are only expected to increase. By 2020, the average cost of…

Read More
it costs

3 ways to control your IT costs this summer

As the COVID-19 pandemic took the world by storm a few months ago, one of the results from the forced confinement by authorities was the…

Read More
cyber-threats-cybermenaces

3 Critical Cyber Threats For Businesses in 2019

Malware, vulnerabilities, and social engineering are some of the main concerns for IT security professionals. Although the tactics used to target businesses and individuals are…

Read More

Best Practices for Cybersecurity Awareness Training Programs

Government agencies such as the Canadian Center for Cybersecurity (CCCS) and the National Institute of Standards and Technology (NIST) in the U.S., not to mention…

Read More
GDPR PIPEDA

How to Keep Your Business Compliant with GDPR and PIPEDA Regulations

Identity protection and data security are the buzzwords of the tech industry, with laws like GDPR and PIPEDA being put in place to protect an…

Read More