Finding a Password Manager That Meets Your Needs

Passwords are an important line of defense against cybercrime in businesses. For maximum security, each account password should be strong and changed regularly. However, trying to memorize many strong passwords is challenging. This is particularly true for IT administrators, senior operations staff, and other employees who must remember system and service account passwords in addition to their own. For this reason, employees might be tempted to write down their passwords or use variations of the same password for multiple accounts. To help them avoid these temptations, you can use a password manager program.

There are many password managers on the market. To find one that meets your needs, it helps to know how password managers work. It also helps to know which features are essential and which ones are nice to have.

How Password Managers Work

Many vendors and service providers offer password managers either as a standalone tool or as part of a software suite. Almost all of them incorporate the same basic design. They encrypt and store your account usernames and passwords in a file, repository, or electronic vault. When accessing one of your accounts using stored login credentials (user name and password), you enter a master password and select the account. This means you only need to remember one strong password to access all your accounts.

Some password managers store credentials in the cloud, while others use a local computer hard drive. With cloud-based vaults, you can access login credentials from any computer or mobile device connected to the Internet. Cloud solutions are protect against lost, stolen of damaged device.

However, with cloud-based vaults, you are relying on the password manager service provider to keep your passwords safe. As the June 12, 2015, attack on LastPass (https://blog.lastpass.com/2015/06/lastpass-security-notice.html/ ) shows, password manager service providers do get hacked. Although this attack did not result in any significant data loss for customers, they were advised to change their master passwords. So, if you decide to use a cloud-based vault, you need to keep abreast of any attacks against your password manager service provider and be vigilant in following its instructions if one occurs.

If you are uncomfortable with storing your passwords in the cloud, consider using a password manager that stores the vault on your computer. That way, you will have full control over it.

Password Manager Essentials

When looking at a password manager, you first need to cover the basics. Make sure that it supports:

• The operating systems and web browser versions of any computers and mobile devices on which you plan to use the password manager.
• A high level of encryption. Ideally, it should use 256-bit Advanced Encryption Standard, or AES, encryption.
• Token-based authentication if you have accounts that require two-factor authentication.

After you cover the basics, you need to make sure the password manager is well suited for multiple users. Business-grade password managers often let you create groups whose members share login credentials to certain accounts. For example, you can create a group named CSR, add the company’s customer service representatives to it, and share the login credentials to the online resources that they need to do their jobs. Those login credentials will then automatically appear in the password vaults of the customer service representatives. Another useful business-grade feature is the ability to assign employees predefined roles, such as user, admin, and super admin.

Finally, you need to make sure the password manager is easy to use. Otherwise, employees might go back to their old habits of writing down passwords and using variations of the same password for multiple accounts. One feature that makes a password manager more user-friendly is the automatic capture of login credentials as they are being entered. With this feature, employees do not have to enter the credentials manually if they do not want to. Another timesaver is a random password generator. Employees can use it to quickly create a unique strong password for each account.

Nice-to-Have Features

Business-grade password managers have other features you might find useful, such as:

• The ability to generate a portable vault using a USB key. This feature comes in handy if your password vault is stored on your computer’s hard drive. With the portable vault, you can use your master password to access accounts while working on other computers and devices with USB ports.
• The ability to store other items besides passwords in the vault to keep them encrypted and safe. For example, you can store bank account or credit card numbers in the vault.
• Extra security measures. They include automatically closing the vault after a certain amount of idle PC time and disabling auto-fill options on a browser.
• An administrative console that lets you centrally manage the password manager.
• The ability to track password usage and obtain audit reports.

Keep Your Data Safe

With the sophistication of today’s hacking technologies and hackers’ resolve to steal whatever data they can get, it is essential to have strong passwords. With a password manager, employees can create, manage and store strong passwords that will help keep your data safe.

If you have any questions on how to keep your passwords and credentials safe, please contact your PC Corp Account Manager.  We are here to help.